Uncovering the Hidden Dangers: Finding Unsafe Go Code in the Wild

Abstract

We present the current state of the art of information flow analyses for Go applications. Based on our findings, we discuss future directions of where static analysis information can be used at runtime to for example achieve higher precision, or optimise runtime checks. We focus specifically on outstanding language features such as closures and message-based communication via channels.

Publication
In 2020 IEEE 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Anna-Katharina Wickert
Anna-Katharina Wickert
PhD student at Technische Universität Darmstadt

My research interests are focused on static code analysis, API-misuses, and software security. Currently, I focus on security problems caused by API-misuses, e.g., for cryptographic APIs.

Related