EEL: machine-independent executable editing
PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
Bochs: A Portable PC Emulator for Unix/X
Linux Journal
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Retargetable and reconfigurable software dynamic translation
Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Pin: building customized program analysis tools with dynamic instrumentation
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Defeating Memory Corruption Attacks via Pointer Taintedness Detection
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Proceedings of the 12th ACM conference on Computer and communications security
Software-Based Transparent and Comprehensive Control-Flow Error Detection
Proceedings of the International Symposium on Code Generation and Optimization
BIRD: Binary Interpretation using Runtime Disassembly
Proceedings of the International Symposium on Code Generation and Optimization
TaintTrace: Efficient Flow Tracing with Dynamic Binary Rewriting
ISCC '06 Proceedings of the 11th IEEE Symposium on Computers and Communications
Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Extended Protection against Stack Smashing Attacks without Performance Loss
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
A General Dynamic Information Flow Tracking Framework for Security Applications
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Using Valgrind to detect undefined value errors with bit-precision
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
QEMU, a fast and portable dynamic translator
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Valgrind: a framework for heavyweight dynamic binary instrumentation
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Efficient techniques for comprehensive protection from memory error exploits
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
How to shadow every byte of memory used by a program
Proceedings of the 3rd international conference on Virtual execution environments
XFI: software guards for system address spaces
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Panorama: capturing system-wide information flow for malware detection and analysis
Proceedings of the 14th ACM conference on Computer and communications security
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
DIVINE: discovering variables in executables
VMCAI'07 Proceedings of the 8th international conference on Verification, model checking, and abstract interpretation
Defending against injection attacks through context-sensitive string evaluation
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Loop-extended symbolic execution on binary programs
Proceedings of the eighteenth international symposium on Software testing and analysis
LEAKPOINT: pinpointing the causes of memory leaks
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Efficient dynamic program monitoring on multi-core systems
Journal of Systems Architecture: the EUROMICRO Journal
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
TaintEraser: protecting sensitive data leaks using application-level taint tracking
ACM SIGOPS Operating Systems Review
Taint-enhanced anomaly detection
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Minemu: the world's fastest taint tracker
RAID'11 Proceedings of the 14th international conference on Recent Advances in Intrusion Detection
Architecture-Independent dynamic information flow tracking
CC'13 Proceedings of the 22nd international conference on Compiler Construction
DroidChameleon: evaluating Android anti-malware against transformation attacks
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
Communications of the ACM
USENIX ATC'13 Proceedings of the 2013 USENIX conference on Annual Technical Conference
A platform for secure static binary instrumentation
Proceedings of the 10th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Hi-index | 0.02 |
Fine-grained binary instrumentations, such as those for taint-tracking, have become very popular in computer security due to their applications in exploit detection, sandboxing, malware analysis, etc. However, practical application of taint-tracking has been limited by high performance overheads. For instance, previous software based techniques for taint-tracking on binary code have typically slowed down programs by a factor of 3 or more. In contrast, source-code based techniques have achieved better performance using high level optimizations. Unfortunately, these optimizations are difficult to perform on binaries since much of the high level program structure required by such static analyses is lost during the compilation process. In this paper, we address this challenge by developing static techniques that can recover some of the higher level structure from x86 binaries. Our new static analysis enables effective optimizations, which are applied in the context of taint tracking. As a result, we achieve a substantial reduction in performance overheads as compared to previous works.