基于污染分析的PHP漏洞检测

2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO) Pub Date : 2017-09-01 DOI:10.1109/ICRITO.2017.8342466

Kai-duan Cao, Jing He, Wenqing Fan, Wei Huang, Lei Chen, Yue Pan

{"title":"基于污染分析的PHP漏洞检测","authors":"Kai-duan Cao, Jing He, Wenqing Fan, Wei Huang, Lei Chen, Yue Pan","doi":"10.1109/ICRITO.2017.8342466","DOIUrl":null,"url":null,"abstract":"To detect the vulnerabilities of Web applications which based on the PHP scripting language. This paper proposes a PHP vulnerability detection method based on fine-grained taint analysis algorithm. First of all, this article generates the Abstract Syntax Tree by lexical and grammatical analysis on the PHP, and then produces the corresponding Control Flow Graph. At last, performing taint analysis on the Control Flow Graph. By tracking the program parameters, variables and other external input, marking the input type, propagating to various types of vulnerability function via the taint, and finally according to the tainted types of variable which are outputted to identify the vulnerabilities. We tested 16 programs of Damm Vulnerable Web App and found nine known vulnerabilities.","PeriodicalId":357118,"journal":{"name":"2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO)","volume":"63 12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"PHP vulnerability detection based on taint analysis\",\"authors\":\"Kai-duan Cao, Jing He, Wenqing Fan, Wei Huang, Lei Chen, Yue Pan\",\"doi\":\"10.1109/ICRITO.2017.8342466\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To detect the vulnerabilities of Web applications which based on the PHP scripting language. This paper proposes a PHP vulnerability detection method based on fine-grained taint analysis algorithm. First of all, this article generates the Abstract Syntax Tree by lexical and grammatical analysis on the PHP, and then produces the corresponding Control Flow Graph. At last, performing taint analysis on the Control Flow Graph. By tracking the program parameters, variables and other external input, marking the input type, propagating to various types of vulnerability function via the taint, and finally according to the tainted types of variable which are outputted to identify the vulnerabilities. We tested 16 programs of Damm Vulnerable Web App and found nine known vulnerabilities.\",\"PeriodicalId\":357118,\"journal\":{\"name\":\"2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO)\",\"volume\":\"63 12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICRITO.2017.8342466\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRITO.2017.8342466","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

对基于PHP脚本语言的Web应用程序进行漏洞检测。本文提出了一种基于细粒度污点分析算法的PHP漏洞检测方法。本文首先在PHP上通过词法和语法分析生成抽象语法树，然后生成相应的控制流图。最后，对控制流图进行了污点分析。通过跟踪程序参数、变量等外部输入，标记输入类型，通过污染传播到各种类型的漏洞函数，最后根据输出的变量的污染类型来识别漏洞。我们测试了Damm易受攻击Web App的16个程序，发现了9个已知漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

PHP vulnerability detection based on taint analysis

To detect the vulnerabilities of Web applications which based on the PHP scripting language. This paper proposes a PHP vulnerability detection method based on fine-grained taint analysis algorithm. First of all, this article generates the Abstract Syntax Tree by lexical and grammatical analysis on the PHP, and then produces the corresponding Control Flow Graph. At last, performing taint analysis on the Control Flow Graph. By tracking the program parameters, variables and other external input, marking the input type, propagating to various types of vulnerability function via the taint, and finally according to the tainted types of variable which are outputted to identify the vulnerabilities. We tested 16 programs of Damm Vulnerable Web App and found nine known vulnerabilities.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 6th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO)

自引率

0.00%

发文量