This invention relates generally to executing programs and, more specifically, relates to security checks for executing programs.
Ensuring that modern software systems are free of security vulnerabilities is a daunting, and oftentimes infeasible, task. Such systems mostly comprise millions of lines of code, including third-party and remote components. Moreover, the measures that need to be taken to prevent potential attacks are, in most cases, far from straightforward, as they depend on the state of the application, the exact content of the (potentially malicious) data being processed, and the use(s) the application is about to make of that data.
The problem is aggravated when it comes to Web applications, which—by design—feed on untrusted data, in the form of user input. Web applications often access security-sensitive resources, such as a database, a file system, or a socket. In some cases, Web applications also mediate information between their users (e.g., in the case of a forum). The problem of securing Web applications against malicious attacks has therefore been the focus of intensive research during the last decade.
Traditionally, research on software security has concentrated on static-analysis techniques for the detection—rather than prevention—of security vulnerabilities. While instrumental and insightful, this avenue of research is currently limited, in that the state of the art in static-analysis theory does not provide any compelling trade-off between precision and scalability assuming a sound report. This makes sound solutions based on static-analysis techniques impractical when it comes to modern software systems, since the analysis either does not scale or produces a tremendous number of false reports.