Related papers: WhyFlow: Interrogative Debugger for Sensemaking Taint Analysis

WhyFlow: Interrogative Debugger for Sensemaking Taint Analysis

URL: http://arxiv.org/abs/2508.07198v2
Date: Mon, 20 Oct 2025 23:29:36 GMT
Title: WhyFlow: Interrogative Debugger for Sensemaking Taint Analysis
Authors: Burak Yetiştiren, Hong Jin Kang, Miryung Kim,
Abstract summary: We propose TraceLens, a first end-user question-answer style debug interface for taint analysis.<n>It enables a user to ask why, why-not, and what-if questions to investigate the existence of suspicious flows.<n>Users using TraceLens achieved 21% higher accuracy on average, compared to CodeQL.
Score: 7.775251571960133
License: http://creativecommons.org/licenses/by/4.0/
Abstract: Taint analysis is a security analysis technique used to track the flow of potentially dangerous data through an application and its dependent libraries. Investigating why certain unexpected flows appear and why expected flows are missing is an important sensemaking process during end-user taint analysis. Existing taint analysis tools often do not provide this end-user debugging capability, where developers can ask why, why-not, and what-if questions about dataflows and reason about the impact of configuring sources and sinks, and models of 3rd-party libraries that abstract permissible and impermissible data flows. Furthermore, a tree-view or a list-view used in existing taint-analyzer's visualization makes it difficult to reason about the global impact on connectivity between multiple sources and sinks. Inspired by the insight that sensemaking tool-generated results can be significantly improved by a QA inquiry process, we propose TraceLens, a first end-user question-answer style debugging interface for taint analysis. It enables a user to ask why, why-not, and what-if questions to investigate the existence of suspicious flows, the non-existence of expected flows, and the global impact of third-party library models. TraceLens performs speculative what-if analysis, to help a user in debugging how different connectivity assumptions affect overall results. A user study with 12 participants shows that participants using TraceLens achieved 21% higher accuracy on average, compared to CodeQL. They also reported a 45% reduction in mental demand (NASA-TLX) and rated higher confidence in identifying relevant flows using TraceLens.

Related papers

TraceSIR: A Multi-Agent Framework for Structured Analysis and Reporting of Agentic Execution Traces [32.4073751390339]
We propose TraceSIR, a framework for structured analysis and reporting of agentic execution traces.<n>TraceSIR coordinates three specialized agents: StructureAgent, InsightAgent, and ReportAgent.<n>Experiments show that TraceSIR consistently produces coherent, informative, and actionable reports.
arXiv Detail & Related papers (2026-02-28T12:33:24Z)
Why Authors and Maintainers Link (or Don't Link) Their PyPI Libraries to Code Repositories and Donation Platforms [83.16077040470975]
Metadata of libraries on the Python Package Index (PyPI) plays a critical role in supporting the transparency, trust, and sustainability of open-source libraries.<n>This paper presents a large-scale empirical study combining two targeted surveys sent to 50,000 PyPI authors and maintainers.<n>We analyze more than 1,400 responses using large language model (LLM)-based topic modeling to uncover key motivations and barriers related to linking repositories and donation platforms.
arXiv Detail & Related papers (2026-01-21T16:13:57Z)
Multi-Agent Taint Specification Extraction for Vulnerability Detection [49.27772068704498]
Static Application Security Testing (SAST) tools using taint analysis are widely viewed as providing higher-quality vulnerability detection results.<n>We present SemTaint, a multi-agent system that strategically combines the semantic understanding of Large Language Models (LLMs) with traditional static program analysis.<n>We integrate SemTaint with CodeQL, a state-of-the-art SAST tool, and demonstrate its effectiveness by detecting 106 of 162 vulnerabilities previously undetectable by CodeQL.
arXiv Detail & Related papers (2026-01-15T21:31:51Z)
TAAF: A Trace Abstraction and Analysis Framework Synergizing Knowledge Graphs and LLMs [3.2839783281320085]
This paper introduces TAAF (Trace Abstraction and Analysis Framework), a novel approach to transform raw trace data into actionable insights.<n>An LLM interprets query-specific subgraphs to answer natural-language questions, reducing the need for manual inspection.<n>Experiments show that TAAF improves answer accuracy by up to 31.2%, particularly in multi-hop and causal reasoning tasks.
arXiv Detail & Related papers (2026-01-06T01:04:05Z)
VeriMinder: Mitigating Analytical Vulnerabilities in NL2SQL [11.830097026198308]
Application systems using natural language interfaces to databases (NLIDBs) have democratized data analysis.<n>This has also brought forth an urgent challenge to help users who might use these systems without a background in statistical analysis.<n>We present VeriMinder, https://veriminder.ai, an interactive system for detecting and mitigating such analytical vulnerabilities.
arXiv Detail & Related papers (2025-07-23T19:48:12Z)
Scalable Language Agnostic Taint Tracking using Explicit Data Dependencies [0.42855555838080833]
This paper presents the design and implementation of a system for a language-agnostic data-dependence representation.<n>We contribute this data-flow analysis system to the open-source code analysis platform Joern making it available to the community.
arXiv Detail & Related papers (2025-06-06T17:15:59Z)
Follow the Flow: Fine-grained Flowchart Attribution with Neurosymbolic Agents [106.04963073116468]
Flowcharts are a critical tool for visualizing decision-making processes.<n> vision-language models frequently hallucinate nonexistent connections and decision paths when analyzing these diagrams.<n>We introduce Fine-grained Flowchart, which traces specific components grounding a flowchart referring LLM response.<n>We propose FlowPathAgent, a neurosymbolic agent that performs fine-grained post hoc attribution through graph-based reasoning.
arXiv Detail & Related papers (2025-06-02T06:02:41Z)
Retrieval-Augmented Generation with Conflicting Evidence [57.66282463340297]
Large language model (LLM) agents are increasingly employing retrieval-augmented generation (RAG) to improve the factuality of their responses.<n>In practice, these systems often need to handle ambiguous user queries and potentially conflicting information from multiple sources.<n>We propose RAMDocs (Retrieval with Ambiguity and Misinformation in Documents), a new dataset that simulates complex and realistic scenarios for conflicting evidence for a user query.
arXiv Detail & Related papers (2025-04-17T16:46:11Z)
Detecting LLM Hallucination Through Layer-wise Information Deficiency: Analysis of Ambiguous Prompts and Unanswerable Questions [60.31496362993982]
Large language models (LLMs) frequently generate confident yet inaccurate responses.<n>We present a novel, test-time approach to detecting model hallucination through systematic analysis of information flow.
arXiv Detail & Related papers (2024-12-13T16:14:49Z)
Unified Semantic Log Parsing and Causal Graph Construction for Attack Attribution [3.9936021096611576]
Multi-source logs provide a comprehensive overview of ongoing system activities, allowing for in-depth analysis to detect potential threats. A practical approach for threat detection involves explicit extraction of entity triples (subject, action, object) towards building graphs to facilitate the analysis of system behavior. We contribute with a novel unified framework coined UTL, which adopts semantic analysis to construct causal graphs by merging multiple sub-graphs from individual log sources.
arXiv Detail & Related papers (2024-11-22T21:40:19Z)
LLMDFA: Analyzing Dataflow in Code with Large Language Models [8.92611389987991]
This paper presents LLMDFA, a compilation-free and customizable dataflow analysis framework. We decompose the problem into several subtasks and introduce a series of novel strategies. On average, LLMDFA achieves 87.10% precision and 80.77% recall, surpassing existing techniques with F1 score improvements of up to 0.35.
arXiv Detail & Related papers (2024-02-16T15:21:35Z)
PyRCA: A Library for Metric-based Root Cause Analysis [66.72542200701807]
PyRCA is an open-source machine learning library of Root Cause Analysis (RCA) for Artificial Intelligence for IT Operations (AIOps) It provides a holistic framework to uncover the complicated metric causal dependencies and automatically locate root causes of incidents.
arXiv Detail & Related papers (2023-06-20T09:55:10Z)
Salesforce CausalAI Library: A Fast and Scalable Framework for Causal Analysis of Time Series and Tabular Data [76.85310770921876]
We introduce the Salesforce CausalAI Library, an open-source library for causal analysis using observational data. The goal of this library is to provide a fast and flexible solution for a variety of problems in the domain of causality.
arXiv Detail & Related papers (2023-01-25T22:42:48Z)
Competency Problems: On Finding and Removing Artifacts in Language Data [50.09608320112584]
We argue that for complex language understanding tasks, all simple feature correlations are spurious. We theoretically analyze the difficulty of creating data for competency problems when human bias is taken into account.
arXiv Detail & Related papers (2021-04-17T21:34:10Z)
Supervised Feature Selection Techniques in Network Intrusion Detection: a Critical Review [9.177695323629896]
Machine Learning techniques are becoming an invaluable support for network intrusion detection. Dealing with the vast diversity and number of features that typically characterize data traffic is a hard problem. By reducing the feature space and retaining only the most significant features, Feature Selection (FS) becomes a crucial pre-processing step in network management.
arXiv Detail & Related papers (2021-04-11T08:42:01Z)

This list is automatically generated from the titles and abstracts of the papers in this site.