• TAJ

  • Referenced in 7 articles [sw33114]
  • analysis of web applications. Taint analysis, a form of information-flow analysis, establishes whether values ... methods and parameters may flow into security-sensitive operations. Taint analysis can detect many common ... have designed and implemented a static Taint Analysis for Java (TAJ) that meets the requirements ... techniques to handle reflective calls, flow through containers, nested taint, and issues in generating useful...
  • DTA++

  • Referenced in 2 articles [sw33315]
  • taint analysis with targeted control-flow propagation. Dynamic taint analysis (DTA) is a powerful technique ... rors caused by implicit flows, situations in which tainted data values affect control flow, which ... taint analysis that additionally propagates taint along a tar- geted subset of control-flow dependencies ... implicit flows that could otherwise lead to under-tainting, and resolves them by propagating taint...
  • BackFlow

  • Referenced in 1 article [sw34336]
  • BackFlow: backward context-sensitive flow reconstruction of taint analysis results. Taint analysis detects if data ... explain the flow of tainted data from the results of the analysis, to understand ... paper formalizes BackFlow, a context-sensitive taint flow reconstructor that, starting from ... results of a taint-analysis engine, reconstructs how tainted data flows inside the program...
  • FlowDroid

  • Referenced in 5 articles [sw26741]
  • FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps ... taint analysis for Android applications. A precise model of Android’s lifecycle allows the analysis ... framework, while context, flow, field and object-sensitivity allows the analysis to reduce the number ... evaluating the effectiveness and accuracy of taint-analysis tools specifically for Android apps...
  • LIFT

  • Referenced in 3 articles [sw20596]
  • shows that information flow tracking (also referred to as taint analysis) is a promising technique ... range of security attacks. However, current information flow tracking systems are not very practical, because...
  • TaintDroid

  • Referenced in 9 articles [sw26740]
  • TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. Today’s smartphone ... efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources...
  • Dytan

  • Referenced in 6 articles [sw31722]
  • framework. Dynamic taint analysis is gaining momentum. Techniques based on dynamic tainting have been successfully ... debugging. Unfortunately, most existing approaches for dynamic tainting are defined in an ad-hoc manner ... performing both data-flow and control-flow based tainting conservatively, and (3) does not rely ... tainting approach used can affect efficiency and accuracy of the taint analysis, which further justifies...
  • Pixy

  • Referenced in 5 articles [sw25249]
  • precisely, we use flow-sensitive, interprocedural and context-sensitive dataflow analysis to discover vulnerable points ... program. In addition, alias and literal analysis are employed to improve the correctness and precision ... targeted at the general class of taint-style vulnerabilities and can be applied...
  • DynOpVm

  • Referenced in 1 article [sw31719]
  • execution and program analysis to follow the original control flow of the program, making state ... backward tainting and slicing ineffective. We implement a prototype of our VM-based obfuscator...
  • IccTA

  • Referenced in 1 article [sw33526]
  • build a precise analysis tool that tracks the flow of any sensitive data from ... maliciously, we propose IccTA, a static taint analyzer to detect privacy leaks among components ... components, IccTA improves the precision of the analysis. IccTA outperforms existing tools on two benchmarks...
  • Apposcopy

  • Referenced in 1 article [sw40195]
  • Apposcopy uses a combination of static taint analysis and a new form of program representation ... applications that have certain control- and data-flow properties. We have evaluated Apposcopy...
  • Taintscope

  • Referenced in 0 articles [sw23360]
  • automatic fuzzing system using dynamic taint analysis and symbolic execution techniques, to tackle the above ... techniques, and bypass such checks via control flow alteration. 2) TaintScope is a directed fuzzing ... Window). Based on fine-grained dynamic taint tracing, TaintScope identifies which bytes in a well...
  • Saturn

  • Referenced in 8 articles [sw01297]
  • Saturn: A SAT-based tool for bug detection...
  • Valgrind

  • Referenced in 62 articles [sw04420]
  • Valgrind is an instrumentation framework for building dynamic...
  • BitBlaze

  • Referenced in 11 articles [sw10059]
  • BitBlaze: Binary Analysis for Computer Security: Binary analysis...
  • AMNESIA

  • Referenced in 11 articles [sw12039]
  • AMNESIA: analysis and monitoring for NEutralizing SQL-injection...
  • GitHub

  • Referenced in 2766 articles [sw23170]
  • GitHub (originally known as Logical Awesome LLC)[3...
  • Panorama

  • Referenced in 3 articles [sw23936]
  • Panorama: capturing system-wide information flow for malware...
  • F4F

  • Referenced in 3 articles [sw29449]
  • F4F: taint analysis of framework-based web applications...