SaTC - GitHub
A prototype of Shared-keywords aware Taint Checking (SaTC), a static analysis method that tracks user input between front-end and back-end for vulnerability discovery effectively and …
SaTC自动化漏洞分析和实例测试 - IOTsec-Zone
Sep 5, 2024 · SaTC(Sharing More and Checking Less)是一个创新的开源工具,专为检测嵌入式系统的漏洞设计。 其核心理念是利用共同的输入关键词,以更高效的方式识别潜在的漏 …
2021看雪SDC议题回顾 | SaTC:一种全新的物联网设备漏洞自动化 …
来自上海交通大学的陈力波老师所提出的SaTC:一种全新IoT漏洞自动化挖掘方法,相应的学术论文已发表在国际安全顶会 USENIX Security 2021 上,并经历了充分的实际数据校验,在6个 …
SaTC: Shared-Keyword Aware Taint Checking for Detecting Bugs …
In this article, we propose a novel static taint checking solution, SaTC, to effectively detect security vulnerabilities in border services provided by embedded devices. Our key insight is …
SaTC/README_CN.md at py2_env · NSSL-SJTU/SaTC - GitHub
A prototype of Shared-keywords aware Taint Checking, a novel static analysis approach that tracks the data flow of the user input between front-end and back-end to precisely detect …
SATC-2025 | 1st IEEE Conference on Secure and Trustworthy ...
Abstract: Dr. Amsaad will open the conference, welcoming attendees and providing an overview of the IEEE and SaTC Conference Vision. He will outline key themes, discuss the agenda, and …
Sharing More and Checking Less:SaTC - CSDN博客
Apr 17, 2024 · 文章介绍了一种新的静态污点检测方法SaTC,它利用前端与后端共享的关键字追踪数据流,发现39个固件样本中的33个未知漏洞。 与KARONTE对比,SaTC具有更高的检测效 …
Sharing More and Checking Less: Leveraging Common Input
Nov 8, 2024 · 为此,Libo Chen 等人提出了一种新颖的静态污点检查解决方案 SaTC (Shared-keyword aware Taint Checking),用于高效检测嵌入式设备提供的Web服务中的安全漏洞。核 …
[fuzz论文阅读] Sharing More and Checking Less: satc - CSDN博客
Jan 27, 2022 · satc工作流程. 解压固件包,识别前后端文件; 从前端文件中提取关键字; 在后端文件中定位关键字处理函数,找出与用户输入相关的点; 进行污点分析; satc解决的问题. 从前端中提取 …
论文笔记-Sharing More and Checking Less:SaTC
Nov 8, 2022 · SaTC利用路径探索和污点分析技术来跟踪输入数据,以检测后端的危险使用。 根据固件的独特功能设计了三种优化方法:粗粒度污点引擎、高效路径探索和路径优先策略。