K-Taint: An Executable Rewriting Logic Semantics for Taint Analysis in the K Framework

Md. Imran Alam, Raju Halder, Harshita Goswami, Jorge Sousa Pinto

2018

Abstract

The K framework is a rewrite logic-based framework for defining programming language semantics suitable for formal reasoning about programs and programming languages. In this paper, we present K-Taint , a rewriting logic-based executable semantics in the K framework for taint analysis of an imperative programming language. Our K semantics can be seen as a sound approximation of programs semantics in the corresponding security type domain. More specifically, as a foundation to this objective, we extend to the case of taint analysis the semantically sound flow-sensitive security type system by Hunt and Sands, considering a support to the interprocedural analysis as well. With respect to the existing methods, K-Taint supports context- and flow-sensitive analysis, reduces false alarms, and provides a scalable solution. Experimental evaluation on several benchmark codes demonstrates encouraging results as an improvement in the precision of the analysis.

Download


Paper Citation


in Harvard Style

Alam M., Halder R., Goswami H. and Sousa Pinto J. (2018). K-Taint: An Executable Rewriting Logic Semantics for Taint Analysis in the K Framework.In Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE, ISBN 978-989-758-300-1, pages 359-366. DOI: 10.5220/0006786603590366


in Bibtex Style

@conference{enase18,
author={Md. Imran Alam and Raju Halder and Harshita Goswami and Jorge Sousa Pinto},
title={K-Taint: An Executable Rewriting Logic Semantics for Taint Analysis in the K Framework},
booktitle={Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,},
year={2018},
pages={359-366},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006786603590366},
isbn={978-989-758-300-1},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering - Volume 1: ENASE,
TI - K-Taint: An Executable Rewriting Logic Semantics for Taint Analysis in the K Framework
SN - 978-989-758-300-1
AU - Alam M.
AU - Halder R.
AU - Goswami H.
AU - Sousa Pinto J.
PY - 2018
SP - 359
EP - 366
DO - 10.5220/0006786603590366