JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Modular interprocedural pointer analysis using access paths: design, implementation, and evaluation
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Ultra-fast aliasing analysis using CLA: a million lines of C code in a second
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
A Universal Dynamic Trace for Linux and Other Operating Systems
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
An infrastructure for adaptive dynamic optimization
Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Pin: building customized program analysis tools with dynamic instrumentation
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Finding application errors and security flaws using PQL: a program query language
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Practical taint-based protection using demand emulation
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Dynamic instrumentation of production systems
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Valgrind: a framework for heavyweight dynamic binary instrumentation
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Understanding data lifetime via whole system simulation
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Shredding your garbage: reducing data lifetime through secure deallocation
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Making information flow explicit in HiStar
OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
Measuring and characterizing system behavior using kernel-level event logging
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Information flow control for standard OS abstractions
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Automated detection of persistent kernel control-flow attacks
Proceedings of the 14th ACM conference on Computer and communications security
Panorama: capturing system-wide information flow for malware detection and analysis
Proceedings of the 14th ACM conference on Computer and communications security
Improving application security with data flow assertions
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Cross-layer comprehensive intrusion harm analysis for production workload server systems
Proceedings of the 26th Annual Computer Security Applications Conference
A low-overhead, value-tracking approach to information flow security
SEFM'12 Proceedings of the 10th international conference on Software Engineering and Formal Methods
| Hi-index | 0.00 |
In this paper, we present the design, implementation, and evaluation of LeakProber, a framework that leverages the whole system dynamic instrumentation and the inter-procedural analysis to enable data propagation path profiling in production system. We integrate both the static analysis and runtime tracking to establish a holistic and practical approach to generating the sensitive data propagation graph (sDPG) with minimum runtime overhead. We evaluate our system on several data stealing attacks scenario for generating sDPG. The sDPG generated by our system captures multiple aspects of data accessing patterns and provides clear insights into the data leakage path. We also measure the performance of our system and find that it degrades the production system about 6% in the trace-on mode. When our prototype works in the trace-off mode, the runtime overhead is even lower, on an average of 1.5% across each benchmark we run. We believe that it is feasible to directly apply our prototype into production system environment.