No document available.
Abstract :
[en] Python is one of the most popular programming languages; as such, projects written in Python involve an increasing number of diverse security vulnerabilities.
However, existing state-of-the-art analysis tools for Python only support a few vulnerability types.
Hence, there is a need to detect a large variety of vulnerabilities in Python projects.
In this paper, we propose the SAGA approach to detect and locate vulnerabilities in Python source code in a versatile way.
SAGA includes a source code parser able to extract control- and data-flow information and to represent it as a symbolic control-flow graph, as well as a domain-specific language defining static aspects of the source code and their evolution during graph traversals.
We have leveraged this language to define a library of static aspects for integrity, confidentiality, and other security-related properties.
We have evaluated SAGA on a dataset of 108 vulnerabilities, obtaining 100% sensitivity and 99.15% specificity, with only one false positive, while outperforming four common security analysis tools.
This analysis was performed in less than 31 seconds, i.e., between 2.5 and 512.1 times faster than the baseline tools.
