Conference: International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing

Dynamic Taint Tracking of Web Application Based on Static Code Analysis


Abstract

With the continuous development of J2EE technology, frequent attacks exploiting security vulnerabilities in web applications have caused enormous economic loss to users. Dynamic taint tracking is an important part of analyzing a program dynamically. In this paper, we put forward a new dynamic solution in the Java virtual machine that warns of external attacks and records the specific taint propagation path. The scheme uses static analysis techniques to collect reachable "source-derivation-sink" taint flows and reduce the runtime overhead. With the help of AOP (aspect-oriented programming) technology, we insert monitoring code only into the taint paths of interest, which improves the efficiency of instrumentation. Finally, we implemented this dynamic taint tracking approach to explore SQL injection and XSS vulnerabilities in web applications based on the Java Servlet Specification and demonstrated its practicality.