ZENODO
Article . 2009
License: CC BY
Data sources: Datacite
Data sources: ZENODO

The Vulnerability Analysis Of Java Bytecode Based On Points-To Dataflow

Authors: Hong, Tang; Lufeng, Zhang; Hua, Chen; Jianbo, Zhang;

Abstract

Today many developers use Java components collected from the Internet as external libraries when designing and developing their own software. However, these components may contain unknown security bugs; for example, an SQL injection bug may come from a component that performs no specific check on the input strings supplied by users. Finding these bugs without source code is very difficult. A novel method for finding bugs in Java bytecode based on points-to dataflow analysis is therefore needed, one that differs from the common analysis techniques based on vulnerability pattern checks. It can be used as an assistant tool for security analysis of Java bytecode from unknown software that will be used as external libraries.

Keywords

Java bytecode, points-to dataflow, vulnerability analysis
