Taint analysis tools are widely used in the field of software security. However, there is a lack of effective and adaptable tools that can meet the evolving challenges of security in complex and diverse program features. In this paper, we present a comparative study of three prominent taint analyzers, Pysa, Pyt, and Joern, to assess their effectiveness in detecting data leaks or vulnerabilities in Python programs. We propose an approach that combines the capabilities of the taint analysis with the a code property graph-based code property analysis tool. Our findings reveal differences in Pysa and Pyt in different test cases, highlighting the varying degrees of accuracy and efficiency in tracking data flow paths. Our evaluation demonstrated that the three tools generally performed well, minimizing false positives and false negatives, and strengthening applications against security vulnerabilities. This research contributes to a better understanding of the strengths and limitations of these tools in real-world scenarios, providing invaluable guidance to security professionals and developers alike.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

A Comparative Analysis of Taint Analysis Tools: Enhancing Security Through Combined Static Analysis Approaches

  • Young Lee,
  • Mohammed Tausif Ansari,
  • Jeong Yang

摘要

Taint analysis tools are widely used in the field of software security. However, there is a lack of effective and adaptable tools that can meet the evolving challenges of security in complex and diverse program features. In this paper, we present a comparative study of three prominent taint analyzers, Pysa, Pyt, and Joern, to assess their effectiveness in detecting data leaks or vulnerabilities in Python programs. We propose an approach that combines the capabilities of the taint analysis with the a code property graph-based code property analysis tool. Our findings reveal differences in Pysa and Pyt in different test cases, highlighting the varying degrees of accuracy and efficiency in tracking data flow paths. Our evaluation demonstrated that the three tools generally performed well, minimizing false positives and false negatives, and strengthening applications against security vulnerabilities. This research contributes to a better understanding of the strengths and limitations of these tools in real-world scenarios, providing invaluable guidance to security professionals and developers alike.