Dynamic Information Flow Analysis and Dynamic Slicing (Extended Version)
نویسندگان
چکیده
Information flow analysis is concerned with validating the security of information flows between objects in a program and between the program and the outside world. This paper presents a practical approach to dynamic information flow analysis that can be used in software testing or intrusion detection and that facilitates debugging of insecure flows. The proposed approach provides capabilities to validate and debug dynamic information flows against a given information flow policy. It can be applied offline with test cases or captured operational inputs, or, when fast response is not critical, it can be applied online with deployed software. This paper presents a precise forward-computing algorithm for dynamic slicing, which is applicable to debugging insecure information flows and other failures in both structured and unstructured programs. A prototype tool implementing the proposed approach has been developed for Java byte code programs.
منابع مشابه
Slicing of Constraint Logic Programs
Abstract. Slicing is a program analysis technique originally developed for imperative languages. It facilitates understanding of data flow and debugging. This paper discusses slicing of Constraint Logic Programs. Constraint Logic Programming (CLP) is an emerging software technology with a growing number of applications. Data flow in constraint programs is not explicit, and for this reason the c...
متن کاملDynamic program slicing methods
A dynamic program slice is this part of a program that "affects" the computation of a variable of interest during program execution on a specific program input. Dynamic program slicing refers to a collection of program slicing methods that are based on program execution and may significantly reduce the size of a program slice because run-time information, collected during program execution, is ...
متن کاملThree-Phase Modeling of Dynamic Kill in Gas-Condensate Well Using Advection Upstream Splitting Method Hybrid Scheme
Understanding and modeling of three-phase transient flow in gas-condensate wells play a vital role in designing and optimizing dynamic kill procedure of each well that needs to capture the discontinuities in density, geometry, and velocity of phases but also the effect of temperature on such parameters. In this study, two-phase Advection-Upstream-Splitting-Method (AUSMV) hybrid scheme is extend...
متن کاملDynamic Slicing of Concurrent Programs : Where are We and Where is the Right Way ? ( Extended
Program slicing has been developed as a standard technique used in various software engineering activit ies including program understanding, testing, debugging, maintenance, and complexity measurement. Although both static and dynamic slicing of sequential programs have been applied to software engineering practices, there still are some challenges, problems and issues in slicing concurrent pro...
متن کاملDesign and Implementation of Bytecode-based Java Slicing System
Program slice is a set of statements that affect the value of variable v in a statement s. In order to calculate a program slice, we must know the dependence relations between statements in the program. Program slicing techniques are roughly divided into two categories, static slicing and dynamic slicing, and we have proposed DC slicing technique which uses both static and dynamic information. ...
متن کامل