Security Slicing for Auditing Common Injection Vulnerabilities

Thome, Julian; Shar, Lwin Khin; Bianculli, Domenico; Briand, Lionel

doi:10.1016/j.jss.2017.02.040

Reference : Security Slicing for Auditing Common Injection Vulnerabilities


	Document type :	Scientific journals : Article
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/29924

Title :	Security Slicing for Auditing Common Injection Vulnerabilities
Language :	English
Author, co-author :	Thome, Julian [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Shar, Lwin Khin [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Bianculli, Domenico [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Briand, Lionel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Publication date :	2018
Journal title :	Journal of Systems and Software
Publisher :	Elsevier Science
Volume :	137
Issue/season :	March, 2018
Pages :	766-783
Peer reviewed :	Yes (verified by ORBi^lu)
Audience :	International
ISSN :	0164-1212
Keywords :	[en] Security auditing ; static analysis ; vulnerability ; automated code fixing
Abstract :	[en] Cross-site scripting and injection vulnerabilities are among the most common and serious security issues for Web applications. Although existing static analysis approaches can detect potential vulnerabilities in source code, they generate many false warnings and source-sink traces with irrelevant information, making their adoption impractical for security auditing. One suitable approach to support security auditing is to compute a program slice for each sink, which contains all the information required for security auditing. However, such slices are likely to contain a large amount of information that is irrelevant to security, thus raising scalability issues for security audits. In this paper, we propose an approach to assist security auditors by defining and experimenting with pruning techniques to reduce original program slices to what we refer to as security slices, which contain sound and precise information. To evaluate the proposed approach, we compared our security slices to the slices generated by a state-of-the-art program slicing tool, based on a number of open-source benchmarks. On average, our security slices are 76% smaller than the original slices. More importantly, with security slicing, one needs to audit approximately 1% of the total code to fix all the vulnerabilities, thus suggesting significant reduction in auditing costs.
Research centres :	Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Software Verification and Validation Lab (SVV Lab)
Funders :	Fonds National de la Recherche - FnR
Target :	Researchers ; Professionals
Permalink :	http://hdl.handle.net/10993/29924
DOI :	10.1016/j.jss.2017.02.040
FnR project :	FnR ; FNR9132112 > Julian Thome > HyVAn > A Scalable and Accurate Hybrid Vulnerability Analysis Framework > 01/09/2014 > 14/04/2017 > 2014

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Limited access	jss2016.pdf		Author postprint	720.17 kB	Request a copy

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices