Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
IEEE Transactions on Software Engineering
Undecidability of static analysis
ACM Letters on Programming Languages and Systems (LOPLAS)
The undecidability of aliasing
ACM Transactions on Programming Languages and Systems (TOPLAS)
Efficient context-sensitive pointer analysis for C programs
PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A decentralized model for information flow control
Proceedings of the sixteenth ACM symposium on Operating systems principles
The SLam calculus: programming with secrecy and integrity
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Memory dependence prediction using store sets
Proceedings of the 25th annual international symposium on Computer architecture
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Modular interprocedural pointer analysis using access paths: design, implementation, and evaluation
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
A note on the confinement problem
Communications of the ACM
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
On the importance of points-to analysis and other memory disambiguation methods for C programs
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Microarchitectural exploration with Liberty
Proceedings of the 35th annual ACM/IEEE international symposium on Microarchitecture
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
A hardware architecture for controlling information flow
ISCA '78 Proceedings of the 5th annual symposium on Computer architecture
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits
Proceedings of the 12th ACM conference on Computer and communications security
ASM: application security monitor
ACM SIGARCH Computer Architecture News - Special issue on the 2005 workshop on binary instrumentation and application
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
Minos: Architectural support for protecting control data
ACM Transactions on Architecture and Code Optimization (TACO)
Authentication Control Point and Its Implications For Secure Processor Design
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Using Branch Correlation to Identify Infeasible Paths for Anomaly Detection
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Raksha: a flexible information flow architecture for software security
Proceedings of the 34th annual international symposium on Computer architecture
A simulation-based proof technique for dynamic information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
Efficient online detection of dynamic control dependence
Proceedings of the 2007 international symposium on Software testing and analysis
Dytan: a generic dynamic taint analysis framework
Proceedings of the 2007 international symposium on Software testing and analysis
Monitoring the monitor: an approach towards trustworthiness in service oriented architecture
2nd international workshop on Service oriented software engineering: in conjunction with the 6th ESEC/FSE joint meeting
Effective memory protection using dynamic tainting
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Hardbound: architectural support for spatial safety of the C programming language
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Understanding and visualizing full systems with data flow tomography
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
A Virtual Machine Based Information Flow Control System for Policy Enforcement
Electronic Notes in Theoretical Computer Science (ENTCS)
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
ISCA '08 Proceedings of the 35th Annual International Symposium on Computer Architecture
Towards Automatically Generating Double-Free Vulnerability Signatures Using Petri Nets
ISC '08 Proceedings of the 11th international conference on Information Security
Securing information flow via dynamic capture of dependencies
Journal of Computer Security - 20th IEEE Computer Security Foundations Symposium (CSF)
Towards automatic reverse engineering of software security configurations
Proceedings of the 15th ACM conference on Computer and communications security
Algorithms and tool support for dynamic information flow analysis
Information and Software Technology
Panalyst: privacy-aware remote error analysis on commodity software
SS'08 Proceedings of the 17th conference on Security symposium
Memory-Centric Security Architecture
Transactions on High-Performance Embedded Architectures and Compilers I
Complete information flow tracking from the gates up
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Static analysis for inference of explicit information flow
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture
Testudo: Heavyweight security analysis via statistical sampling
Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture
Putting Trojans on the Horns of a Dilemma: Redundancy for Information Theft Detection
Transactions on Computational Science IV
Staged information flow for javascript
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Laminar: practical fine-grained decentralized information flow control
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
PIFT: efficient dynamic information flow tracking using secure page allocation
WESS '09 Proceedings of the 4th Workshop on Embedded Systems Security
Execution leases: a hardware-supported mechanism for enforcing strong non-interference
Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
Policy-based intrusion detection in web applications by monitoring Java information flows
International Journal of Information and Computer Security
Toward trustworthy mobile sensing
Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
Neon: system support for derived data management
Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Shoestring: probabilistic soft error reliability on the cheap
Proceedings of the fifteenth edition of ASPLOS on Architectural support for programming languages and operating systems
ACM SIGOPS Operating Systems Review
Information flow testing: the third path towards confidentiality guarantee
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Automata-based confidentiality monitoring
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Secure information flow analysis for hardware design: using the right abstraction for the job
PLAS '10 Proceedings of the 5th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security
Strict control dependence and its effect on dynamic information flow analyses
Proceedings of the 19th international symposium on Software testing and analysis
Proceedings of the 3rd international conference on Security of information and networks
Garm: cross application data provenance and policy enforcement
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Hardware enforcement of application security policies using tagged memory
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
An empirical study of privacy-violating information flows in JavaScript web applications
Proceedings of the 17th ACM conference on Computer and communications security
Architectural support for low overhead detection of memory violations
Proceedings of the Conference on Design, Automation and Test in Europe
Proceedings of the 2010 workshop on New security paradigms
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
LeakProber: a framework for profiling sensitive data leakage paths
Proceedings of the first ACM conference on Data and application security and privacy
TaintEraser: protecting sensitive data leaks using application-level taint tracking
ACM SIGOPS Operating Systems Review
CRePE: context-related policy enforcement for android
ISC'10 Proceedings of the 13th international conference on Information security
Cross-application data provenance and policy enforcement
ACM Transactions on Information and System Security (TISSEC)
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Caisson: a hardware description language for secure information flow
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Virtual machine monitor-based lightweight intrusion detection
ACM SIGOPS Operating Systems Review
Proceedings of the 18th ACM conference on Computer and communications security
Taint-exchange: a generic system for cross-process and cross-host taint tracking
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
Memory-centric security architecture
HiPEAC'05 Proceedings of the First international conference on High Performance Embedded Architectures and Compilers
Dataflow Tomography: Information Flow Tracking For Understanding and Visualizing Full Systems
ACM Transactions on Architecture and Code Optimization (TACO)
libdft: practical dynamic data flow tracking for commodity systems
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Representation-Independent data usage control
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
An empirical study of automatic event reconstruction systems
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Inspection resistant memory: architectural support for security from physical examination
Proceedings of the 39th Annual International Symposium on Computer Architecture
Static secure page allocation for light-weight dynamic information flow tracking
Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems
A software-hardware architecture for self-protecting data
Proceedings of the 2012 ACM conference on Computer and communications security
Boosting instruction set simulator performance with parallel block optimisation and replacement
ACSC '12 Proceedings of the Thirty-fifth Australasian Computer Science Conference - Volume 122
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
Communications of the ACM
Leveraging speculative architectures for runtime program validation
ACM Transactions on Embedded Computing Systems (TECS)
AppIntent: analyzing sensitive data transmission in android for privacy leakage detection
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
CloudSweeper: enabling data-centric document management for secure cloud archives
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
A verified information-flow architecture
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
WHISK: an uncore architecture for dynamic information flow tracking in heterogeneous embedded SoCs
Proceedings of the Ninth IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis
On quantitative dynamic data flow tracking
Proceedings of the 4th ACM conference on Data and application security and privacy
Runtime verification using policy-based approach to control information flow
International Journal of Security and Networks
| Hi-index | 0.02 |
Even as modern computing systems allow the manipulation and distribution of massive amounts of information, users of these systems are unable to manage the confidentiality of their data in a practical fashion. Conventional access control security mechanisms cannot prevent the illegitimate use of privileged data once access is granted. For example, information provided by a user during an online purchase may be covertly delivered to malicious third parties by an untrustworthy web browser. Existing information-flow security mechanisms do provide this assurance, but only for programmer-specified policies enforced during program development as a static analysis on special-purpose type-safe languages. Not only are these techniques not applicable to many commonly used programs, but they leave the user with no defense against malicious programmers or altered binaries. In this paper, we propose RIFLE, a runtime information-flow security system designed from the user's perspective. By addressing information-flow security using architectural support, RIFLE gives users a practical way to enforce their own information-flow security policy on all programs. We prove that, contrary to statements in the literature, run-time systems like RIFLE are no less secure than existing language-based techniques. Using a model of the architectural framework and a binary translator, we demonstrate RIFLE's correctness and illustrate that the performance cost is reasonable.