: An Automata-Based String Analysis Tool for PHP

Yu, Fang; Alkhalaf, Muath; Bultan, Tevfik

doi:10.1007/978-3-642-12002-2_13

Stranger: An Automata-Based String Analysis Tool for PHP

Fang Yu¹⁸,
Muath Alkhalaf¹⁸ &
Tevfik Bultan¹⁸

Conference paper

2295 Accesses
69 Citations

Part of the Lecture Notes in Computer Science book series (LNTCS,volume 6015)

Abstract

Stranger is an automata-based string analysis tool for finding and eliminating string-related security vulnerabilities in PHP applications. Stranger uses symbolic forward and backward reachability analyses to compute the possible values that the string expressions can take during program execution. Stranger can automatically (1) prove that an application is free from specified attacks or (2) generate vulnerability signatures that characterize all malicious inputs that can be used to generate attacks.

Keywords

Dependency Graph
Reachability Analysis
Strongly Connected Component
Attack Pattern
Vulnerability Signature

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This work is supported by NSF grants CCF-0916112 and CCF-0716095.

Download conference paper PDF

References

Bartzis, C., Bultan, T.: Widening arithmetic automata. In: Alur, R., Peled, D.A. (eds.) CAV 2004. LNCS, vol. 3114, pp. 321–333. Springer, Heidelberg (2004)
Google Scholar
BRICS. The MONA project, http://www.brics.dk/mona/
Christensen, A., Møller, A., Schwartzbach, M.: Precise analysis of string expressions. In: Cousot, R. (ed.) SAS 2003. LNCS, vol. 2694, pp. 1–18. Springer, Heidelberg (2003)
CrossRef Google Scholar
Jovanovic, N., Krügel, C., Kirda, E.: Pixy: A static analysis tool for detecting web application vulnerabilities (short paper). In: S&P, pp. 258–263 (2006)
Google Scholar
Minamide, Y.: Static approximation of dynamically generated web pages. In: WWW, pp. 432–441 (2005)
Google Scholar
OWASP. Top ten project (May 2007), http://www.owasp.org/
Wassermann, G., Su, Z.: Sound and precise analysis of web applications for injection vulnerabilities. In: PLDI, pp. 32–41 (2007)
Google Scholar
Yu, F., Alkhalaf, M., Bultan, T.: Generating vulnerability signatures for string manipulating programs using automata-based forward and backward symbolic analyses. In: ASE (2009)
Google Scholar
Yu, F., Bultan, T., Cova, M., Ibarra, O.H.: Symbolic string verification: An automata-based approach. In: Havelund, K., Majumdar, R., Palsberg, J. (eds.) SPIN 2008. LNCS, vol. 5156, pp. 306–324. Springer, Heidelberg (2008)
CrossRef Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science, University of California, Santa Barbara, CA, USA
Fang Yu, Muath Alkhalaf & Tevfik Bultan

Authors

Fang Yu
View author publications
You can also search for this author in PubMed Google Scholar
Muath Alkhalaf
View author publications
You can also search for this author in PubMed Google Scholar
Tevfik Bultan
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Institut für Informatik, Technische Universität München, 85748, Garching, Germany
Javier Esparza
Department of Computer Science, University of California, 90095, Los Angeles, CA, USA
Rupak Majumdar

Rights and permissions

Reprints and Permissions

Copyright information

About this paper

Cite this paper

Yu, F., Alkhalaf, M., Bultan, T. (2010). Stranger: An Automata-Based String Analysis Tool for PHP. In: Esparza, J., Majumdar, R. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2010. Lecture Notes in Computer Science, vol 6015. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12002-2_13

Download citation

DOI: https://doi.org/10.1007/978-3-642-12002-2_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12001-5
Online ISBN: 978-3-642-12002-2
eBook Packages: Computer ScienceComputer Science (R0)