TY - GEN
T1 - Identification of data propagation paths for efficient dynamic information flow tracking
AU - Mallissery, Sanoop
AU - Wu, Yu-Sung
AU - Hsieh, Chih Hao
AU - Bau, Chun An
PY - 2020/3/30
Y1 - 2020/3/30
N2 - Dynamic information flow tracking is a positive step towards the prevention of untrusted data injection and protection from possible exploits of such data. This emphasizes the importance of tracking the suspicious data flows at run-time to ensure neither the exploitation of data nor security violation. In this work, we have contemplated enhancing the competence of Static Taint Tracking (STT) to seamlessly support Dynamic Taint Tracking (DTT) using data flow analysis. The concept of definition-used (def-use) is used for source code analysis to capture the potential taint propagation paths represented using the Data Flow Graph (DFG). The extracted paths from the DFG provides prior information about all the potential taint propagation paths which extensively needed to be considered for DTT. We have tested our proposed methodology on some well-known benchmarks such as Firefox, SQLite3, Gzip, and Zlib. It is observed that the proposed method can identify all potential taint source propagation paths that cover pointers, branch conditions, inter-procedure, and inter-module data flows. The evaluation results show that this work will be very useful in guiding the dynamic taint tracking to achieve efficient and accurate detection of suspicious information flow.
AB - Dynamic information flow tracking is a positive step towards the prevention of untrusted data injection and protection from possible exploits of such data. This emphasizes the importance of tracking the suspicious data flows at run-time to ensure neither the exploitation of data nor security violation. In this work, we have contemplated enhancing the competence of Static Taint Tracking (STT) to seamlessly support Dynamic Taint Tracking (DTT) using data flow analysis. The concept of definition-used (def-use) is used for source code analysis to capture the potential taint propagation paths represented using the Data Flow Graph (DFG). The extracted paths from the DFG provides prior information about all the potential taint propagation paths which extensively needed to be considered for DTT. We have tested our proposed methodology on some well-known benchmarks such as Firefox, SQLite3, Gzip, and Zlib. It is observed that the proposed method can identify all potential taint source propagation paths that cover pointers, branch conditions, inter-procedure, and inter-module data flows. The evaluation results show that this work will be very useful in guiding the dynamic taint tracking to achieve efficient and accurate detection of suspicious information flow.
KW - Information flow tracking
KW - Software security
KW - Source code analysis
KW - Static taint tracking
KW - Taint analysis and propagation
UR - http://www.scopus.com/inward/record.url?scp=85083032674&partnerID=8YFLogxK
U2 - 10.1145/3341105.3373876
DO - 10.1145/3341105.3373876
M3 - Conference contribution
AN - SCOPUS:85083032674
T3 - Proceedings of the ACM Symposium on Applied Computing
SP - 92
EP - 99
BT - 35th Annual ACM Symposium on Applied Computing, SAC 2020
PB - Association for Computing Machinery
T2 - 35th Annual ACM Symposium on Applied Computing, SAC 2020
Y2 - 30 March 2020 through 3 April 2020
ER -