Abstract
Protecting sensitive data requires controlling the behavior of third part software. Static and dynamic data flow analysis can aid, however both of them have limits. Static analysis often detects false data leaks, whereas the more precise dynamic analysis introduces a significant overhead. This paper proposes a novel hybrid approach that combines static and dynamic data flow analysis for detecting data leaks in Java applications. Our approach minimizes the overhead by computing a minimal set of application points that need to be monitored and injects control code on the target application. Our method has no loss in quality with respect to dynamic analysis. We show the feasibility of our approach by providing a tool and presenting a case study on a sample application.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
