swMATH ID: 33114
Software Authors: Tripp, O., Pistoia, M., Fink, S.J., Sridharan, M., Weisman, O.
Description: TAJ: effective taint analysis of web applications. Taint analysis, a form of information-flow analysis, establishes whether values from untrusted methods and parameters may flow into security-sensitive operations. Taint analysis can detect many common vulnerabilities in Web applications, and so has attracted much attention from both the research community and industry. However, most static taint-analysis tools do not address critical requirements for an industrial-strength tool. Specifically, an industrial-strength tool must scale to large industrial Web applications, model essential Web-application code artifacts, and generate consumable reports for a wide range of attack vectors. We have designed and implemented a static Taint Analysis for Java (TAJ) that meets the requirements of industry-level applications. TAJ can analyze applications of virtually any size, as it employs a set of techniques designed to produce useful answers given limited time and space. TAJ addresses a wide variety of attack vectors, with techniques to handle reflective calls, flow through containers, nested taint, and issues in generating useful reports. This paper provides a description of the algorithms comprising TAJ, evaluates TAJ against production-level benchmarks, and compares it with alternative solutions.
Homepage: https://dl.acm.org/doi/10.1145/1542476.1542486
Dependencies: Java
Related Software: Dytan; F4F; FlowDroid; TaintDroid; Pixy; Panorama; Stranger; Saner; GitHub; Merlin; BackFlow; Sails; Aletheia; MorphDroid; Julia Static Analyzer; JFlow; PQL; PHP; AMNESIA; Perracotta
Referenced in: 6 Publications

Referenced in 1 Field

6 Computer science (68-XX)

Referencing Publications by Year