Static Detection of Logic Vulnerabilities in Java Web Applications

Logic vulnerabilities occur when mistakes arise in the control flow associated to critical functionalities. We propose a lightweight static analysis approach to detect logic vulnerabilities in Java Web applications. The core idea of our approach is to discover deviant behaviors among duplication samples. Program slicing technique is leveraged to extract duplicated invocations targeted similar functionalities. Subsequently, path exploration is conducted to split slices into several path sensitive slices. Then we make comparison between any two similar slices on their path condition, and report the slices with abnormal path condition as logic vulnerabilities. We implemented our approach in a prototype tool named LVD (Logic Vulnerability Detector), and evaluated it on seven real world applications scaled from thousands to million lines of code. The evaluation results show that our approach achieves bigger coverage with acceptable cost and better scalability than previous approaches.