ScholarGate
Assistent
Machine learningProgram analysis for security

Taint-analyse

Taint-analyse er en datastrømsanalyse-teknik, der sporer, hvordan utroværdige (tainted) input flyder gennem et program for at identificere sårbarheder, hvor tainted data når farlige operationer (sinks). Formelt defineret af Newsome og Song i 2005, markerer taint-analyse inputdata som tainted og propagaterer taint-etiketter gennem programmet, idet der advares, når tainted data når følsomme operationer som SQL-forespørgsler eller systemkald. Taint-analyse er fundamental for at detektere injektionssårbarheder og bruges bredt i dynamiske analyseværktøjer og sikkerhedsovervågningssystemer.

Åbn i MethodMindSnartVideoSnartDownload slides

Læs hele metoden

Kun for medlemmer

Log ind med en gratis konto for at læse dette afsnit.

Log ind

Method map

The neighbourhood of related methods — select a node to explore.

Taint-analyse
FuzzingStatisk applikationssikk…Symbolic ExecutionDeep Packet InspectionDynamisk applikationssik…

Kilder

  1. Newsome, J., & Song, D. X. (2005). Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Network and Distributed System Security Symposium (NDSS 2005). link
  2. Schwartz, E. J., Avgerinos, T., & Brumley, D. (2010). All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In IEEE Symposium on Security and Privacy (SP), 2010, pp. 317-331. DOI: 10.1109/SP.2010.26

Sådan citerer du denne side

ScholarGate. (2026, June 3). Taint Analysis (Data Flow Analysis). ScholarGate. https://scholargate.app/da/cryptography/taint-analysis

Which method?

Set this method beside its closest kin and read them side by side — the library lays the books on the table; the choice is yours.

Compare side by side

Refereret af

Deep Packet InspectionDynamisk applikationssikkerhedstestFuzzingStatisk applikationssikkerhedstestSymbolic Execution

Har du fundet en fejl på denne side? Indberet den eller foreslå en rettelse →

ScholarGateTaint Analysis (Taint Analysis (Data Flow Analysis)). Hentet 2026-06-15 fra https://scholargate.app/da/cryptography/taint-analysis · Datasæt: https://doi.org/10.5281/zenodo.20539026