University of Twente Student Theses
A study on static taint analysis techniques in Ruby
Smit, P.J.M. (2025) A study on static taint analysis techniques in Ruby.
Abstract: This study aimed to address the lack of scientific research in static analysis for security in Ruby (on Rails) applications. We created a benchmark consisting of real vulnerabilities to evaluate two prominent security tools, as well as a Ruby-specific implementation of three techniques to enhance the performance of existing tools (in our case CodeQL). Overall, statically finding vulnerabilities in a dynamic language such as Ruby is and remains a difficult problem since the causes of vulnerabilities vary significantly per project. We hope that this work will aid future research efforts into security for projects written in Ruby (on Rails).
Item Type: Essay (Master)
Clients: Moneybird, Enschede, The Netherlands
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)
Link to this item: https://purl.utwente.nl/essays/106403