Uchambuzi wa Uchafu
Uchambuzi wa uchafu ni mbinu ya uchambuzi wa mtiririko wa data ambayo hufuatilia jinsi pembejeo isiyoaminika (iliyochafuka) inapita kwenye programu ili kutambua udhaifu ambapo data iliyochafuka hufikia shughuli hatari (mizani). Imeandaliwa rasmi na Newsome na Song mnamo 2005, uchambuzi wa uchafu huashiria data ya pembejeo kama iliyochafuka na hueneza lebo za uchafu kupitia programu, ikionya data iliyochafuka inapofikia shughuli nyeti kama vile maswali ya SQL au simu za mfumo. Uchambuzi wa uchafu ni msingi wa kugundua udhaifu wa sindano na hutumiwa sana katika zana za uchambuzi wa nguvu na mifumo ya ufuatiliaji wa usalama.
Soma mbinu kamili
Ingia kwa akaunti ya bure ili kusoma sehemu hii.
Ramani ya mbinu
Jirani ya mbinu zinazohusiana — chagua nodi ili kuchunguza.
Vyanzo
- Newsome, J., & Song, D. X. (2005). Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Network and Distributed System Security Symposium (NDSS 2005). link ↗
- Schwartz, E. J., Avgerinos, T., & Brumley, D. (2010). All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In IEEE Symposium on Security and Privacy (SP), 2010, pp. 317-331. DOI: 10.1109/SP.2010.26 ↗
Jinsi ya kunukuu ukurasa huu
ScholarGate. (2026, June 3). Taint Analysis (Data Flow Analysis). ScholarGate. https://scholargate.app/sw/cryptography/taint-analysis
Mbinu ipi?
Weka mbinu hii kando ya jamaa zake wa karibu na uzisome bega kwa bega — maktaba huweka vitabu mezani; uamuzi ni wako.
- FuzzingKriptografia↔ linganisha
- Upimishaji Usalama wa Maombi tuli (Static Application Security Testing)Kriptografia↔ linganisha
- Utekelezaji wa AlamaKriptografia↔ linganisha
Imerejelewa na
Umeona tatizo kwenye ukurasa huu? Ripoti au pendekeza marekebisho →