Adapting taint analyses for detecting security vulnerabilities / by Goran Piskachev ; Advisor: Prof. Dr. Eric Bodden. Paderborn, 2022
Contents
- Introduction
- Background
- Using SAST Tools in Practice
  - Related Work
    - Usability of static analysis
    - Studies on adaption of security tools
  - Taint analysis results and comparison
  - Survey and Interviews
  - User Study
- Detecting Security-Relevant Methods
  - Requirements
  - Related Work
  - Two-phase Classification Model
    - FRcode: Code Features
    - Classifiers
  - SWANframe: General Framework for Creating Machine-learning Pipelines for SRM Prediction
    - FRdoc_m: Implementing Features Based on Doc Comments
    - FRdoc_a: Automated Features Based on Doc Comments
    - Pipelines
  - Evaluation
    - Comparison (RQ7)
    - Real-world Applications (RQ8)
    - Utilizing doc comments (RQ9)
    - Automatic vs. manual features based on doc comments (RQ10)
    - Hybrid feature representations (RQ11)
    - Optimal classifier (RQ12)
  - Threats to Validity
- Active Learning of Security Relevant Methods
- fluentTQL
  - Requirements
    - Selection of Sensitive Methods
    - Selection of In- and Out-Values
    - Composition of Taint-Flows
    - Detailed Error Message
    - Integration into Developer's Workflow
    - Independence of Concrete Taint Analysis
  - Related Work
  - Design
  - Semantics
  - Implementation
- SecuCheck
  - Evaluation
- Conclusion
