Mixed-mode Information Flow Tracking with Compile-time Taint Semantics Extraction and Offline Replay

Yu Hsin Hung, Bing Jhong Jheng, Hong Wei Li, Wen Yang Lai, Sanoop Mallissery, Yu-Sung Wu

研究成果: Conference contribution同行評審

2 引文 斯高帕斯(Scopus)

摘要

Static information flow analysis (IFA) and dynamic information flow tracking (DIFT) have been widely employed in offline security analysis of computer programs. As security attacks become more sophisticated, there is a rising need for IFA and DIFT in production environment. However, existing systems usually deal with IFA and DIFT separately, and most DIFT systems incur significant performance overhead. We propose MIT to facilitate IFA and DIFT in online production environment. MIT offers mixed-mode information flow tracking at byte-granularity and incurs moderate runtime performance overhead. The core techniques consist of the extraction of taint semantics intermediate representation (TSIR) at compile-time and the decoupled execution of TSIR for information flow analysis. We conducted an extensive performance overhead evaluation on MIT to confirm its applicability in production environment. We also outline potential applications of MIT, including the implementation of data provenance checking and information flow based anomaly detection in real-world applications.

原文English
主出版物標題2021 IEEE Conference on Dependable and Secure Computing, DSC 2021
發行者Institute of Electrical and Electronics Engineers Inc.
頁數8
ISBN(電子)9781728175348
DOIs
出版狀態Published - 30 1月 2021
事件2021 IEEE Conference on Dependable and Secure Computing, DSC 2021 - Aizuwakamatsu, Fukushima, Japan
持續時間: 30 1月 20212 2月 2021

出版系列

名字2021 IEEE Conference on Dependable and Secure Computing, DSC 2021

Conference

Conference2021 IEEE Conference on Dependable and Secure Computing, DSC 2021
國家/地區Japan
城市Aizuwakamatsu, Fukushima
期間30/01/212/02/21

指紋

深入研究「Mixed-mode Information Flow Tracking with Compile-time Taint Semantics Extraction and Offline Replay」主題。共同形成了獨特的指紋。

引用此