论文信息 - Detecting SOQL-injection vulnerabilities in SalesForce applications

Detecting SOQL-injection vulnerabilities in SalesForce applications

The two most common web-attacks used by hackers to steal data are SQL-injection and cross-site scripting (XSS). These are examples of taint vulnerabilities where maliciously crafted code (for example, a SQL query) is injected into a Web application by embedding it inside innocuous looking user inputs. We present the design of TRAP (Taint Removal and Analysis Platform), a static data-flow analysis tool to detect SOQL-injection problems in SalesForce applications. TRAP is designed to be language independent as it uses an XML intermediate language called STAC (STatic Analysis Code), on which the analysis is done. Currently, we have implemented STAC compilers for Apex and Java.

Shubhashis Sengupta | Amitabh Saxena | Amit Chakraborty | Vikrant S. Kaulgud | Pradeepkumar Duraisamy

[1] Thomas W. Reps,et al. Solving Demand Versions of Interprocedural Analysis Problems , 1994, CC.

[2] Benjamin Livshits,et al. Finding Security Vulnerabilities in Java Applications with Static Analysis , 2005, USENIX Security Symposium.

[3] Letizia Tanca,et al. What you Always Wanted to Know About Datalog (And Never Dared to Ask) , 1989, IEEE Trans. Knowl. Data Eng..

[4] Jeffrey D. Ullman,et al. A Survey of Research in Deductive Database Systems , 1995 .

[5] Benjamin Livshits,et al. Context-sensitive program analysis as database queries , 2005, PODS.

[6] Benjamin Livshits,et al. Finding application errors and security flaws using PQL: a program query language , 2005, OOPSLA '05.

[7] Christian Callegari,et al. Advances in Computing, Communications and Informatics (ICACCI) , 2015 .

[8] Monica S. Lam,et al. Cloning-based context-sensitive pointer alias analysis using binary decision diagrams , 2004, PLDI '04.

[9] Jeffrey D. Ullman,et al. A survey of deductive database systems , 1995, J. Log. Program..

[10] Hong-Seok Kim,et al. Bottom-Up and Top-Down Context-Sensitive Summary-Based Pointer Analysis , 2004, SAS.