Listing by author "Luo, Linghui"
- Conference paper: Heaps'n Leaks: How Heap Snapshots Improve Android Taint Analysis (Software Engineering 2021, 2021). Benz, Manuel; Kristensen, Erik Krogh; Luo, Linghui; Borges Jr., Nataniel P.; Bodden, Eric; Zeller, Andreas. The assessment of information flows is an essential part of analyzing Android apps, and is frequently supported by static taint analysis. Its precision, however, can suffer from the analysis not being able to precisely determine what elements a pointer can (and cannot) point to. Recent advances in static analysis suggest that incorporating dynamic heap snapshots, taken at one point at runtime, can significantly improve general static analysis. In this paper, we investigate to what extent this also holds for taint analysis, and how various design decisions, such as when and how many snapshots are collected during execution, and how exactly they are used, impact soundness and precision. We have extended FlowDroid to incorporate heap snapshots, yielding our prototype Heapster, and evaluated it on DroidMacroBench, a novel benchmark comprising real-world Android apps that we also make available as an artifact. The results show (1) the use of heap snapshots lowers analysis time and memory consumption while increasing precision; (2) a very good trade-off between precision and recall is achieved by a mixed mode in which the analysis falls back to static points-to relations for objects for which no dynamic data was recorded; and (3) while a single heap snapshot (ideally taken at the end of the execution) suffices to improve performance and precision, a better trade-off can be obtained by using multiple snapshots.
- Conference paper: IDE Support for Cloud-Based Static Analyses (Software Engineering 2022, 2022). Luo, Linghui; Bodden, Eric. We present a user study with developers at Amazon Web Services on their expectations of IDE support for cloud-based static analyses. The paper was originally presented at ESEC/FSE 2021. Many companies are providing Static Application Security Testing (SAST) tools as a service. These tools fit well into CI/CD, because CI/CD allows time for deep static analyses on large code bases and prevents vulnerabilities in the early stages of the development lifecycle. In CI/CD, the SAST tools usually run in the cloud and provide findings via a web interface. Recent studies show that developers prefer seeing the findings of these tools directly in their IDEs. Most tools with IDE integration run lightweight static analyses and can give feedback at coding time, but SAST tools take longer to run and usually are not able to do so. Can developers interact directly with a cloud-based SAST tool that is typically used in CI/CD through their IDE? We conducted a user study to explore how such IDE support should be designed. Through this study we identified the key design elements expected by developers and investigated whether an IDE solution fits better into developers’ workflow in comparison to a web-based solution.
- Journal article: Improving Real-World Applicability of Static Taint Analysis (Softwaretechnik-Trends, Volume 42, Issue 2, 2022). Luo, Linghui. Security breaches happen on a daily basis and are a serious threat to our society. Security incidents do not only cost a significant amount of money and company reputation, but can also be a threat to national security. Static taint analysis is a program analysis technique that can be used to prevent a wide range of security vulnerabilities and detect malicious software. This dissertation focuses on improving the real-world applicability of static taint analysis. It addresses three existing problems that hinder the real-world adoption of static taint analysis.
- Conference paper: TaintBench: Automatic Real-World Malware Benchmarking of Android Taint Analyses (Software Engineering 2022, 2022). Luo, Linghui; Pauck, Felix; Piskachev, Goran; Benz, Manuel; Pashchenko, Ivan; Mory, Martin; Bodden, Eric; Hermann, Ben; Massacci, Fabio. Due to the lack of established real-world benchmark suites for static taint analyses of Android applications, evaluations of these analyses are often restricted and hard to compare. Even in evaluations that do use real-world applications, details about the ground truth in those apps are rarely documented, which makes it difficult to compare and reproduce the results. Our recent study fills this gap. It first defines a set of sensible construction criteria for such a benchmark suite. It further proposes the TaintBench benchmark suite designed to fulfil these construction criteria. Along with the suite, this paper introduces the TaintBench framework, which allows tool-assisted benchmark suite construction, evaluation and inspection. Our experiments using TaintBench reveal new insights of popular Android taint analysis tools.
- Conference paper: Verbesserung der Praxistauglichkeit der statischen Taint-Analyse (D22, 2022). Luo, Linghui. Static taint analysis is a program analysis technique that can detect malicious software and uncover a wide range of security vulnerabilities. Although many static taint analysis tools have been developed in both industry and academia, very few of them are used in industry. This summary presents my dissertation, in which I investigated the reasons for the lack of use of static taint analysis tools in practice. I developed several approaches that address three identified problems in order to improve the practical applicability of static taint analysis.