Publication Date


Document Type


Committee Members

Junjie Zhang, Ph.D. (Advisor); Meilin Liu, Ph.D. (Committee Member); Bin Wang, Ph.D. (Committee Member)

Degree Name

Master of Science (MS)


This thesis presents the design, the implementation, and the evaluation of a database-oriented static program analysis engine for the PHP programming language. This engine analyzes PHP programs by representing their semantics using a graph-based data structure, which will be subsequently stored into a graph database. Such scheme will fundamentally facilitate various program analysis tasks such as static taint analysis, visualization, and data mining. Specifically, these complex program analysis tasks can now be translated into built-in declarative graph database operations with rich features. Our engine fundamentally differs from other existing static program analysis systems that mainly leverage intermediate representation (IRs) to perform analysis. Specifically, our engine leverages the graph-based output of the “Uchecker” system; it translates the output into graph files with the form of CSV and then directly inserts them into a graph database. Our engine offers several unique advantages. First, static program analysis tasks could now be implemented using database queries. Second, our engine supports interactive program analysis through the graph database. Third, through our designed query templates, our engine can perform fine-grained program analysis such as data flow analysis on selected variables. We have applied our engine to analyze PHP programs collected from public program repositories such as GitHub and WordPress, where the experimental results have demonstrated the great effectiveness and efficiency of our system.

Page Count


Department or Program

Department of Computer Science and Engineering

Year Degree Awarded


Creative Commons License

Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License.