Most existing detection schemes for Web injection vulnerabilities consider only filter-based validation and neglect check-based validation. To address this shortcoming, a taint-driven slicing method is proposed. Taint analysis guides the concrete program slicing process so that both kinds of validation operations in a program are extracted completely; a stepwise string analysis from the attacker's perspective then evaluates the validating ability of these operations, so that Web injection vulnerabilities are detected more accurately. A prototype system, Valer, was implemented, and experimental results show that the method effectively lowers the false-positive rate of the analysis and has practical value.
Most existing approaches to finding Web injection vulnerabilities focus only on filter-based validations and ignore check-based validations. To address this, a taint-driven slicing approach is proposed. By using taint analysis to direct the program slicing process, it extracts both filter-based and check-based validations from programs, and by evaluating the strength of these validations with a hierarchical string analysis taken from the attacker's view, it detects Web injection vulnerabilities more precisely. A prototype tool, Valer, has been implemented, and experimental results show that the approach reduces false positives effectively.
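The distinction the abstract draws between filter-based validation (a transformation such as escaping) and check-based validation (a conditional that rejects bad input unchanged) can be made concrete with a small model. The following is an added example written for this page; it is not Valer's code or the paper's algorithm. It defines a toy straight-line IR with four statement kinds, backward-slices from each sink along the taint chain to collect both kinds of validation, and then pushes a few constructed attacker payloads through the slice to judge whether the validations actually neutralize the injection for the sink's context. The `ignore_checks` switch reproduces the false positive a filter-only analysis would report on a sink guarded solely by a check. Statement kinds, filter and check names, payloads, and the danger predicates are all assumptions of this example.

```python
"""Toy taint-driven slicer: collect filter- and check-based validations on
the path from a source to a sink, then evaluate them in the attacker's view.
Example code, not from the paper or the Valer prototype."""
from dataclasses import dataclass

# Constructed attacker payloads used to probe each validation chain.
PAYLOADS = ["' OR '1'='1", "1; DROP TABLE users", "<script>alert(1)</script>"]

# Filter-based validations transform the string (assumed names).
FILTERS = {
    "escape_quotes": lambda s: s.replace("'", "\\'"),
    "strip_tags": lambda s: s.replace("<", "").replace(">", ""),
}
# Check-based validations accept or reject the string unchanged (assumed names).
CHECKS = {
    "is_digits": lambda s: s.isdigit(),
    "not_empty": lambda s: len(s) > 0,
}
# Per-sink danger predicates: does the value still break out of its context?
DANGER = {
    "sql_str": lambda s: "'" in s.replace("\\'", ""),  # unescaped quote
    "sql_num": lambda s: not s.isdigit(),              # non-numeric in a number slot
    "html": lambda s: "<" in s,                        # tag start reaches the page
}


@dataclass
class Stmt:
    kind: str        # "source" | "filter" | "check" | "sink"
    var: str         # variable defined (source/filter), tested (check) or used (sink)
    name: str = ""   # filter/check name, or the sink's context kind
    src: str = ""    # input variable of a filter


def slice_validations(program, sink_index):
    """Backward slice from the sink: follow the def chain through filters back
    to the source, then keep every source, filter and check on that chain."""
    chain = {program[sink_index].var}
    for st in reversed(program[:sink_index]):
        if st.kind == "filter" and st.var in chain:
            chain.add(st.src)
    return [st for st in program[:sink_index]
            if st.var in chain and st.kind in ("source", "filter", "check")]


def analyze(program, ignore_checks=False):
    """Return {sink_index: payloads that reach the sink in a dangerous form}
    for every sink that is reachable from a taint source."""
    report = {}
    for i, sink in enumerate(program):
        if sink.kind != "sink":
            continue
        sl = slice_validations(program, i)
        if not any(st.kind == "source" for st in sl):
            continue  # untainted sink: nothing to evaluate
        survivors = []
        for payload in PAYLOADS:
            env, rejected = {}, False
            for st in sl:  # replay the slice on this payload, per variable
                if st.kind == "source":
                    env[st.var] = payload
                elif st.kind == "filter":
                    env[st.var] = FILTERS[st.name](env[st.src])
                elif st.kind == "check" and not ignore_checks:
                    if not CHECKS[st.name](env[st.var]):
                        rejected = True  # check-based validation stops it
                        break
            if not rejected and DANGER[sink.name](env[sink.var]):
                survivors.append(payload)
        report[i] = survivors
    return report


# Constructed sample programs in the toy IR.
P_FILTER = [Stmt("source", "name"), Stmt("filter", "safe", "escape_quotes", "name"),
            Stmt("sink", "safe", "sql_str")]
P_CHECK = [Stmt("source", "id"), Stmt("check", "id", "is_digits"),
           Stmt("sink", "id", "sql_num")]
P_WRONG = [Stmt("source", "name"), Stmt("filter", "clean", "strip_tags", "name"),
           Stmt("sink", "clean", "sql_str")]
P_NONE = [Stmt("source", "q"), Stmt("sink", "q", "html")]

if __name__ == "__main__":
    for label, prog in [("filter", P_FILTER), ("check", P_CHECK),
                        ("wrong filter", P_WRONG), ("none", P_NONE)]:
        print(label, analyze(prog))
    print("check, filters only:", analyze(P_CHECK, ignore_checks=True))
```

`P_CHECK` is the case the abstract is about: the sink is protected only by `is_digits`, so a filter-only analysis (`ignore_checks=True`) reports every payload as reaching it, while the slice that keeps check-based validations reports none. `P_WRONG` shows the attacker-view evaluation doing its job in the other direction: a filter is present, but it is the wrong one for the sink's context, so the quote-based payload survives.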