方法证据记录
Taint Analysis
Taint analysis is a data flow analysis technique that tracks how untrusted (tainted) input flows through a program to identify vulnerabilities where tainted data reaches dangerous operations (sinks). Formalized by Newsome and Song in 2005, taint analysis marks input data as tainted and propagates taint labels through the program, alerting when tainted data reaches sensitive operations like SQL queries or system calls. Taint analysis is fundamental to detecting injection vulnerabilities and is widely used in dynamic analysis tools and security monitoring systems.
源记录
引文逐字复制自方法源记录。这些引文不代表任何层级的验证。
Taint Analysis (Data Flow Analysis)
分类方法记录 · ml-model / cryptography
- Newsome, J., & Song, D. X. (2005). Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Network and Distributed System Security Symposium (NDSS 2005). · URL
- Schwartz, E. J., Avgerinos, T., & Brumley, D. (2010). All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In IEEE Symposium on Security and Privacy (SP), 2010, pp. 317-331. · DOI 10.1109/SP.2010.26
精选声明
声明已持久化到证据分类账中,每个声明都有自己的评估。
尚无精选声明
当分类账中没有声明时,此视图不会自行创建声明评估。
相关方法
从方法图中生成,显示为机器建议的关系 — 不推断任何证据声明。