{"title":"静态污染分析在RASP保护策略中的应用","authors":"Miao Ji, Ming Yin, Ying Hui Zhou","doi":"10.1145/3584714.3584723","DOIUrl":null,"url":null,"abstract":"Program analysis plays an important role in ensuring the safety and correctness of Programs. Based on the cloud native security system and from the perspective of building a secure runtime application, this paper introduces the key technologies and algorithms in runtime application self-protection (RASP), puts forward a protection strategy scheme that creatively combines static taint analysis and RASP, and discusses the application of the scheme in the process of DevSecOps. Finally, the feasibility of the scheme is summarized through an example. Through the combination of program analysis technology and preset protection strategy, it provides a reference for the implementation of runtime application security protection.","PeriodicalId":112952,"journal":{"name":"Proceedings of the 2022 International Conference on Cyber Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Application of static taint analysis in RASP protection strategy\",\"authors\":\"Miao Ji, Ming Yin, Ying Hui Zhou\",\"doi\":\"10.1145/3584714.3584723\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Program analysis plays an important role in ensuring the safety and correctness of Programs. Based on the cloud native security system and from the perspective of building a secure runtime application, this paper introduces the key technologies and algorithms in runtime application self-protection (RASP), puts forward a protection strategy scheme that creatively combines static taint analysis and RASP, and discusses the application of the scheme in the process of DevSecOps. Finally, the feasibility of the scheme is summarized through an example. Through the combination of program analysis technology and preset protection strategy, it provides a reference for the implementation of runtime application security protection.\",\"PeriodicalId\":112952,\"journal\":{\"name\":\"Proceedings of the 2022 International Conference on Cyber Security\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2022 International Conference on Cyber Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3584714.3584723\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2022 International Conference on Cyber Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3584714.3584723","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Application of static taint analysis in RASP protection strategy
Program analysis plays an important role in ensuring the safety and correctness of Programs. Based on the cloud native security system and from the perspective of building a secure runtime application, this paper introduces the key technologies and algorithms in runtime application self-protection (RASP), puts forward a protection strategy scheme that creatively combines static taint analysis and RASP, and discusses the application of the scheme in the process of DevSecOps. Finally, the feasibility of the scheme is summarized through an example. Through the combination of program analysis technology and preset protection strategy, it provides a reference for the implementation of runtime application security protection.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
