Dynamic information flow tracking is a well-known dynamic software analysis technique with a wide variety of applications that range from making systems more secure to helping developers and analysts better understand the code that systems are executing. Traditionally, the fine-grained analysis capabilities desired for the class of these systems that operate at the binary level require tight coupling to a specific ISA. This places a heavy burden on developers of these systems, since significant domain knowledge is required to support each ISA, and the effort expended on one ISA implementation cannot be amortized to support other ISAs. Further, the correctness of the system must be carefully evaluated for each new ISA. In this paper, we present a general approach to information flow tracking that allows us to support multiple ISAs without mastering the intricate details of each ISA we support, and without extensive verification. Our approach leverages binary translation to an intermediate representation for which we have developed detailed, architecture-neutral information flow models. To support advanced instructions that are typically implemented in C code in binary translators, we also present a combined static/dynamic analysis that allows us to accurately and automatically support these instructions. We demonstrate the utility of our system in three different application settings: enforcing information flow policies, classifying algorithms by information flow properties, and characterizing types of programs which may exhibit excessive information flow in an information flow tracking system.