Improving Data Integrity with a Java Mutability Analysis

Abstract

This paper presents a static mutability analysis approach relying on escape information for Java components and uses the techniques to detect the security threats to data integrity before software components are deployed. In order to increase the precision of our analysis, we make a couple of significant modifications to mutability definitions based on previous work in the context of components. We extended our security analysis tool SecDetector with proposed mutability analysis, and used it to find potential threats to data integrity in Java components and lead developers to fix the security flaws. On the benchmarks in our experimental evaluation, we show that our tool can correctly find potential modification access violations with few false positives and provide evidence of the effectiveness of our techniques. While the analysis techniques are in the context of Java code, the basic concepts are applicable to other object-oriented programming languages as well.