Abstract: A runtime analysis framework (RTA) stores a hierarchical list of input tags and a hierarchical list of output tags. The RTA stores defined vulnerabilities that include associated input tags and output tags. During runtime the software application may receive a request from a user system. The RTA assigns an input tag from the hierarchical list of input tags to an object associated with the request and assigns an output tag from the hierarchical list of output tags to a method generating a response to the request. The RTA identifies one of the defined vulnerabilities as a potential vulnerability if the assigned output tag and output tag associated the potential vulnerability are in a same subtree of the hierarchical list of output tags and the assigned input tag and the input tag associated with the potential vulnerability are in a same subtree of the hierarchical list of input tags.

Abstract: During runtime of the software application, the runtime analysis framework may assign input tags to objects associated with the user requests. The input tags may identify the requests as potentially malicious and carry a security risk. The RTA framework then may assign sanitization tags to the objects identifying security checks performed on the objects during runtime. The RTA framework identifies output responses to the user requests that include the objects and compares the input tags assigned to the objects with any sanitization tags assigned to the objects. The RTA framework may identify the software application as susceptible to a security vulnerability when the input tags for the objects do not include corresponding sanitization tags.

Abstract: Data source information is recorded into a source tracking object embedded in a wrapper object pointing to a data object from the data source. Tracking event information is recorded into a flow tracking object embedded in a wrapper object copy as the tracking event processes the wrapper object copy. Other tracking event information is recorded into another flow tracking object embedded in another wrapper object as the other tracking event processes the other wrapper object. The flow tracking object is associated with the other flow tracking object in response to a field retrieval of the wrapper object copy from the other wrapper object. The wrapper object copy is output to a data sink. Data sink information is recorded into a sink tracking object embedded in the wrapper object copy. The tracking objects are output as dynamic analysis of dataflow in the application program.

Abstract: Bytecode is injected to create a source tracking object for a data object received from a data source and to record information associated with the data source into the source tracking object. Bytecode is injected to create a copy of the data object for a tracking event in an application program, to create a flow tracking object for the tracking event, and to record information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. Bytecode is injected to create a sink tracking object for outputting the copy of the data object to a data sink and to record information associated with the data sink into the sink tracking object. Bytecode is injected to output the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program.

Abstract: Systems and methods are provided for dynamic analysis wrapper objects for application dataflow. A system creates a wrapper object that points to a data object received from a data source, creates a source tracking object for the wrapper object, and records information associated with the data source into the source tracking object. The system creates a copy of the wrapper object for a tracking event in an application program, creates a flow tracking object for the tracking event, and records information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the wrapper object. The system outputs the copy of the wrapper object to a data sink for the application program, creates a sink tracking object for the data sink, and records information associated with the data sink into the sink tracking object.

Abstract: Systems and methods are provided for dynamic analysis tracking objects for application dataflow. A system receives a data object from a data source, creates a source tracking object for the data object, and records information associated with the data source into the source tracking object. The system creates a copy of the data object for a tracking event in the application program, creates a flow tracking object for the tracking event, and records information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. The system outputs the copy of the data object to a data sink, creates a sink tracking object for the data sink, and records information associated with the data sink into the sink tracking object. The system outputs the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program.

Abstract: An interpreter is modified to create a source tracking object for a data object received from a data source and to record information associated with the data source into the source tracking object. The interpreter is modified to create a copy of the data object for a tracking event in an application program, to create a flow tracking object for the tracking event, and to record information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. The interpreter is modified to create a sink tracking object for outputting the copy of the data object to a data sink and to record information associated with the data sink into the sink tracking object. The source tracking object, the flow tracking object, and the sink tracking object are output as dynamic analysis of dataflow in the application program.

Abstract: An interpreter is modified to create a source tracking object for a data object received from a data source and to record information associated with the data source into the source tracking object. The interpreter is modified to create a copy of the data object for a tracking event in an application program, to create a flow tracking object for the tracking event, and to record information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. The interpreter is modified to create a sink tracking object for outputting the copy of the data object to a data sink and to record information associated with the data sink into the sink tracking object. The source tracking object, the flow tracking object, and the sink tracking object are output as dynamic analysis of dataflow in the application program.

Abstract: Systems and methods are provided for dynamic analysis wrapper objects for application dataflow. A system creates a wrapper object that points to a data object received from a data source, creates a source tracking object for the wrapper object, and records information associated with the data source into the source tracking object. The system creates a copy of the wrapper object for a tracking event in an application program, creates a flow tracking object for the tracking event, and records information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the wrapper object. The system outputs the copy of the wrapper object to a data sink for the application program, creates a sink tracking object for the data sink, and records information associated with the data sink into the sink tracking object.

Abstract: Data source information is recorded into a source tracking object embedded in a wrapper object pointing to a data object from the data source. Tracking event information is recorded into a flow tracking object embedded in a wrapper object copy as the tracking event processes the wrapper object copy. Other tracking event information is recorded into another flow tracking object embedded in another wrapper object as the other tracking event processes the other wrapper object. The flow tracking object is associated with the other flow tracking object in response to a field retrieval of the wrapper object copy from the other wrapper object. The wrapper object copy is output to a data sink. Data sink information is recorded into a sink tracking object embedded in the wrapper object copy. The tracking objects are output as dynamic analysis of dataflow in the application program.

Abstract: Bytecode is injected to create a source tracking object for a data object received from a data source and to record information associated with the data source into the source tracking object. Bytecode is injected to create a copy of the data object for a tracking event in an application program, to create a flow tracking object for the tracking event, and to record information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. Bytecode is injected to create a sink tracking object for outputting the copy of the data object to a data sink and to record information associated with the data sink into the sink tracking object. Bytecode is injected to output the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program.

Abstract: Systems and methods are provided for dynamic analysis tracking objects for application dataflow. A system receives a data object from a data source, creates a source tracking object for the data object, and records information associated with the data source into the source tracking object. The system creates a copy of the data object for a tracking event in the application program, creates a flow tracking object for the tracking event, and records information associated with the tracking event into the flow tracking object as the tracking event processes the copy of the data object. The system outputs the copy of the data object to a data sink, creates a sink tracking object for the data sink, and records information associated with the data sink into the sink tracking object. The system outputs the source tracking object, the flow tracking object, and the sink tracking object as dynamic analysis of dataflow in the application program.