A Comparative Analysis of Taint Analysis Tools: Enhancing Security Through Combined Static Analysis Approaches
摘要
Taint analysis tools are widely used in the field of software security. However, there is a lack of effective and adaptable tools that can meet the evolving challenges of security in complex and diverse program features. In this paper, we present a comparative study of three prominent taint analyzers, Pysa, Pyt, and Joern, to assess their effectiveness in detecting data leaks or vulnerabilities in Python programs. We propose an approach that combines the capabilities of the taint analysis with the a code property graph-based code property analysis tool. Our findings reveal differences in Pysa and Pyt in different test cases, highlighting the varying degrees of accuracy and efficiency in tracking data flow paths. Our evaluation demonstrated that the three tools generally performed well, minimizing false positives and false negatives, and strengthening applications against security vulnerabilities. This research contributes to a better understanding of the strengths and limitations of these tools in real-world scenarios, providing invaluable guidance to security professionals and developers alike.