Overview
SecureFlow is a lightweight, research-oriented static analysis tool designed to demonstrate core taint tracking concepts used in software security research. The design prioritizes clarity, modularity, and extensibility over completeness.
High-Level Architecture
Java Source File
↓
JavaParser (AST Generation)
↓
TaintAnalyzer (AST Visitor)
↓
Issue Collection
↓
Report Generation
Core Components
AST Parsing
SecureFlow uses JavaParser to convert Java source files into an Abstract Syntax Tree (AST). This enables precise static inspection of program structure without executing code.
TaintAnalyzer
The analysis engine is implemented using the Visitor pattern. It tracks taint across:
- Local variables
- Object fields (limited field sensitivity)
- Method call propagation
Taint propagation is conservative: it over-approximates, accepting additional false positives in order to avoid false negatives, a common trade-off in static security analysis.
Rule Configuration
Security rules are loaded from an external JSON configuration file. This includes:
- Dangerous methods (sinks)
- Sanitizer methods
- Severity levels per sink
This design cleanly separates analysis logic from security policy.
Reporting Engine
Detected issues are formatted into a structured, human-readable report with:
- Rule ID
- Severity
- Line number
- Clear explanation
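The following is an added illustration of how the TaintAnalyzer, rule configuration and report format described above fit together; it is not SecureFlow's own code. It assumes JavaParser is on the classpath, and the source, sanitizer and sink names (getParameter, escapeHtml, exec, println) and severities are a hypothetical policy standing in for the JSON rules file.

```java
import com.github.javaparser.StaticJavaParser;
import com.github.javaparser.ast.body.MethodDeclaration;
import com.github.javaparser.ast.body.VariableDeclarator;
import com.github.javaparser.ast.expr.*;
import com.github.javaparser.ast.visitor.VoidVisitorAdapter;
import java.util.*;

// Illustrative flow-sensitive, intraprocedural taint visitor over a JavaParser AST; not SecureFlow's own code.
public class MiniTaintAnalyzer extends VoidVisitorAdapter<Void> {
    // Hypothetical policy; SecureFlow loads sinks, sanitizers and per-sink severities from its JSON rules file.
    static final Set<String> SOURCES = Set.of("getParameter");
    static final Set<String> SANITIZERS = Set.of("escapeHtml");
    static final Map<String, String> SINKS = Map.of("exec", "HIGH", "println", "LOW");
    private final Set<String> tainted = new HashSet<>(); // taint state of local variables, updated in program order
    final List<String> issues = new ArrayList<>();
    // Conservative: a tainted variable, a source call, or any call receiving tainted data (scope or argument) is tainted; only a sanitizer clears it.
    boolean isTainted(Expression e) {
        if (e.isNameExpr()) return tainted.contains(e.asNameExpr().getNameAsString());
        if (e.isBinaryExpr()) return isTainted(e.asBinaryExpr().getLeft()) || isTainted(e.asBinaryExpr().getRight());
        if (!e.isMethodCallExpr()) return false;
        MethodCallExpr c = e.asMethodCallExpr();
        if (SOURCES.contains(c.getNameAsString())) return true;
        if (SANITIZERS.contains(c.getNameAsString())) return false;
        return c.getScope().map(this::isTainted).orElse(false) || c.getArguments().stream().anyMatch(this::isTainted);
    }
    // Strong update: assigning a sanitized value removes the variable from the tainted set (flow sensitivity).
    private void update(String var, Expression value) { if (isTainted(value)) tainted.add(var); else tainted.remove(var); }
    @Override public void visit(MethodDeclaration n, Void arg) { tainted.clear(); super.visit(n, arg); } // intraprocedural: fresh state per method
    @Override public void visit(VariableDeclarator n, Void arg) {
        super.visit(n, arg);
        n.getInitializer().ifPresent(init -> update(n.getNameAsString(), init));
    }
    @Override public void visit(AssignExpr n, Void arg) {
        super.visit(n, arg);
        if (n.getTarget().isNameExpr()) update(n.getTarget().asNameExpr().getNameAsString(), n.getValue());
    }
    @Override public void visit(MethodCallExpr n, Void arg) {
        super.visit(n, arg); // scope and arguments first, so nested calls are handled in source order
        String sev = SINKS.get(n.getNameAsString());
        if (sev != null && n.getArguments().stream().anyMatch(this::isTainted))
            issues.add(String.format("[%s] line %d: tainted value reaches sink %s()", sev, n.getBegin().map(p -> p.line).orElse(-1), n.getNameAsString()));
    }
    public static void main(String[] args) { // constructed sample: the first exec() is flagged, the sanitized one is not
        String src = "class T { void h(Req r) { String q = r.getParameter(\"q\"); Runtime.getRuntime().exec(q);"
                   + " q = escapeHtml(q); Runtime.getRuntime().exec(q); } }";
        MiniTaintAnalyzer a = new MiniTaintAnalyzer(); StaticJavaParser.parse(src).accept(a, null);
        a.issues.forEach(System.out::println);
    }
}
```

Field taint and interprocedural flow are deliberately out of scope here, matching the analysis characteristics listed below.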
Analysis Characteristics
- Static analysis
- Intraprocedural
- Flow-sensitive
- Limited field sensitivity
- Not interprocedural
Extensibility
SecureFlow is designed to support incremental research extensions, including:
- Interprocedural taint propagation
- Control-flow graph (CFG) integration
- Path-sensitive analysis
- Machine-readable output formats (JSON, SARIF)