Idea: Optimized automatic sanitizer placement


Abstract

Sanitization is a primary defense mechanism against injection attacks such as cross-site scripting (XSS) and SQL injection. Most existing research on sanitization focuses on vulnerability detection and sanitizer correctness, leaving the burden of sanitizer placement with the developers. However, manual sanitizer placement is complex in realistic applications. Moreover, the automatic placement strategies presented in the literature do not optimize the number of sanitizer positions, which in our experience results in inconsistent multiple-sanitization errors and duplicated code. As a remedy, this paper presents an optimized automatic sanitizer placement that reduces the number of positions where sanitization is required. To that end, we analyze the dataflow of a program via static analysis. We optimize the number of sanitizer positions by preferring nodes common to multiple paths as sanitizer positions. Our evaluation shows the same sanitization coverage as previous approaches with a reduced number of sanitizers, and reduces the number of sanitization errors to 0.

Citation

Welearegai, G. B., & Hammer, C. (2017). Idea: Optimized automatic sanitizer placement. In Lecture Notes in Computer Science (Vol. 10379, pp. 87–96). Springer. https://doi.org/10.1007/978-3-319-62105-0_6
