Yet Another Taint Mode for PHP
https://ipsj.ixsq.nii.ac.jp/records/74358
Name / File | License | Action |
---|---|---|
(file not extracted) | Copyright (c) 2011 by the Information Processing Society of Japan | Open access |
Field | Value |
---|---|
Item type | Symposium(1) |
Date of publication | 2011-05-18 |
Title | Yet Another Taint Mode for PHP |
Title language | en |
Language | eng |
Keyword (subject scheme: Other) | Programming languages (プログラミング言語) |
Resource type | conference paper (http://purl.org/coar/resource_type/c_5794) |
Author affiliations | Graduate School of Information Science and Technology, The University of Tokyo; Graduate School of Engineering, Nagoya University; Graduate School of Information Science and Technology, The University of Tokyo; Graduate School of Information Science and Technology, The University of Tokyo |
Author | Hiroshi, Toi |
Bibliographic information | 先進的計算基盤システムシンポジウム論文集 (Proceedings of the Symposium on Advanced Computing Systems and Infrastructures), Vol. 2011, pp. 160-169, published 2011-05-18 |
Publisher | 情報処理学会 (Information Processing Society of Japan) |

Abstract (description type: Other):

Nowadays, the security of web applications faces the threat of script injection attacks, such as cross-site scripting (XSS) or SQL injection. DTP (Dynamic Taint Propagation) has been established as a powerful technique to detect script injection attacks. However, current DTP systems still suffer from a trade-off between false positives and false negatives, because these systems propagate taint information from source operands to destination operands. We proposed SWIFT, which traces the memory accesses of a program execution, detects string accesses, distinguishes string operations from other memory accesses, and propagates taint information under string operations. This gives SWIFT better accuracy in detecting script injection attacks than current DTP systems. Since SWIFT concentrates only on the address traces of a target program, it can be implemented both in interpreters of scripting languages and in hardware mechanisms of processors. In this paper, we implemented SWIFT in PHP, executed typical string operations, and made injection attacks against some real-world web applications with known vulnerabilities. As a result of our experiments, SWIFT on PHP shows high precision. Moreover, we evaluated the performance overhead: the average performance overhead is 55%.