Computing Reviews
Static identification of injection attacks in Java
Spoto F., Burato E., Ernst M., Ferrara P., Lovato A., Macedonio D., Spiridon C. ACM Transactions on Programming Languages and Systems 41(3): 1-58, 2019. Type: Article
Date Reviewed: Feb 6 2020

A programming language’s security principles guarantee robustness and sustainability by detecting and neutralizing any tainted object in the program code, which can potentially be the source of a vulnerability during the operation and execution of a program. This paper covers injection attacks via such tainted user inputs in different operation scenarios, and proposes mechanisms based on semantic analysis to protect programs.

The paper begins with an illustrative introduction. It explains the destructive and malicious operations of injection attacks in database systems, web page rendering, operating system scripting, and so on. Static and dynamic analyses are counted as traditional ways to prevent and combat possible threats and vulnerabilities, respectively.

The paper’s central theme is pre-execution and injection-preventing methods for Java, with the inclusion of all possible code block structures (code block, exception handling, recursion, and so on). The authors present “a sound static analysis that identifies if and where a Java bytecode program lets data flow from tainted user input (including servlet requests) into critical operations that might give rise to injections,” as well as consider the possibility of false alarms. The paper includes examples of injection in program code and propounds the issue of reachability-based taintedness.

The literature review covers the automatic identification of data injection for both dynamic and static analyses, where scalability and precision are considered essential criteria. Also featured: a theoretical framework of access paths that describes reachability-based taintedness via backwards taint analysis and modeling information via heap analyses. The denotation of Java bytecodes is then declared in a concrete semantic formalism, which serves as the basic expression of code structure for taint analysis. It defines the entities of the language, for example, class, instance method, constructors, program state, exceptional states, handling, and so on. Next, using binary decision diagrams (BDDs) and a defined abstract interpretation of the concrete semantics, the probable ways of propagating taintedness are theorized. This theoretical framework would operate as an analysis engine to reveal any tainted connection in a flow-sensitive static analysis.

The paper extensively discusses issues of operation on the implemented Julia static analysis framework. Open-source and closed-source application results, true and false alarms, iteration strategy, and BDD compaction are studied comprehensively.

The paper presents a mature security-based look at program coding that has been equipped with a rich theoretical notational formalism. These features reflect the reliability and power of the provided framework for the static analysis of injection attacks. The paper is strongly recommended for all coders involved in the security of web development systems.

Reviewer:  Mohammad Sadegh Kayhani Pirdehi Review #: CR146878 (2006-0133)
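
As an added illustration (not code from the paper, the Julia analyzer, or the review), the sketch below shows source-to-sink taint tracking on a constructed mini-language: a flow-sensitive may-taint analysis that joins branches by union, so it errs toward reporting and can raise false alarms. The statement forms, variable names and sink labels are hypothetical, sanitizers are assumed trusted, and it tracks a plain set of tainted variables rather than the BDD-based abstraction the paper uses.

```python
# Toy flow-sensitive may-taint analysis over a constructed mini-language.
# Statement forms (hypothetical, invented for this example):
#   ("source", x)            x = untrusted input, e.g. a request parameter
#   ("const", x)             x = literal
#   ("assign", x, [y, ...])  x = f(y, ...): tainted if any operand is tainted
#   ("sanitize", x, y)       x = validated copy of y (sanitizer assumed trusted)
#   ("sink", label, x)       critical operation, e.g. query execution, using x
#   ("if", then, orelse)     branch whose condition is unknown statically

def analyze(block, tainted=frozenset()):
    """Return (tainted variables after block, sorted labels of sinks that may see taint)."""
    tainted, alarms = set(tainted), set()
    for stmt in block:
        op = stmt[0]
        if op == "source":
            tainted.add(stmt[1])
        elif op in ("const", "sanitize"):
            tainted.discard(stmt[1])              # strong update clears old taint
        elif op == "assign":
            _, dst, operands = stmt
            if tainted.intersection(operands):
                tainted.add(dst)
            else:
                tainted.discard(dst)
        elif op == "sink":
            if stmt[2] in tainted:
                alarms.add(stmt[1])
        elif op == "if":
            t_then, a_then = analyze(stmt[1], tainted)
            t_else, a_else = analyze(stmt[2], tainted)
            tainted = set(t_then | t_else)        # join: tainted on either path
            alarms.update(a_then, a_else)
        else:
            raise ValueError(f"unknown statement {stmt!r}")
    return frozenset(tainted), sorted(alarms)

PROGRAM = [                                       # constructed sample program
    ("source", "name"),
    ("assign", "q1", ["name"]),                   # query built by concatenation
    ("sink", "query-1", "q1"),                    # alarm: direct flow
    ("sanitize", "safe", "name"),
    ("assign", "q2", ["safe"]),
    ("sink", "query-2", "q2"),                    # no alarm
    ("const", "q3"),
    ("if", [("assign", "q3", ["name"])], []),
    ("sink", "query-3", "q3"),                    # alarm, false if branch is dead
    ("const", "q1"),
    ("sink", "query-4", "q1"),                    # no alarm: q1 was overwritten
]
```

Calling `analyze(PROGRAM)` reports `query-1` and `query-3`; the second is the kind of conservative report that becomes a false alarm when the tainting branch can never execute.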
Security and Protection (C.2.0 ... )
Semantics (D.3.1 ... )
Verification (D.4.5 ... )
General (D.0 )