A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Shade: a fast instruction-set simulator for execution profiling
SIGMETRICS '94 Proceedings of the 1994 ACM SIGMETRICS conference on Measurement and modeling of computer systems
Dynamo: a transparent dynamic optimization system
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Inside Microsoft Windows 2000
Complete Computer System Simulation: The SimOS Approach
IEEE Parallel & Distributed Technology: Systems & Technology
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Using Programmer-Written Compiler Extensions to Catch Security Holes
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
ReVirt: enabling intrusion analysis through virtual-machine logging and replay
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Data remanence in semiconductor devices
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Scrash: a system for generating secure crash information
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Software generation of practically strong random numbers
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Secure deletion of data from magnetic and solid-state memory
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Run-time type checking for binary programs
CC'03 Proceedings of the 12th international conference on Compiler construction
The taser intrusion recovery system
Proceedings of the twentieth ACM symposium on Operating systems principles
Toward a threat model for storage systems
Proceedings of the 2005 ACM workshop on Storage security and survivability
Data lifetime is a systems problem
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Secure deletion myths, issues, and solutions
Proceedings of the second ACM workshop on Storage security and survivability
Scanning electronic documents for personally identifiable information
Proceedings of the 5th ACM workshop on Privacy in electronic society
Minos: Architectural support for protecting control data
ACM Transactions on Architecture and Code Optimization (TACO)
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Practical taint-based protection using demand emulation
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Automatic high-performance reconstruction and recovery
Computer Networks: The International Journal of Computer and Telecommunications Networking
Threats to privacy in the forensic analysis of database systems
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Raksha: a flexible information flow architecture for software security
Proceedings of the 34th annual international symposium on Computer architecture
Shredding your garbage: reducing data lifetime through secure deallocation
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
A simulation-based proof technique for dynamic information flow
Proceedings of the 2007 workshop on Programming languages and analysis for security
Dytan: a generic dynamic taint analysis framework
Proceedings of the 2007 international symposium on Software testing and analysis
Panorama: capturing system-wide information flow for malware detection and analysis
Proceedings of the 14th ACM conference on Computer and communications security
Polyglot: automatic extraction of protocol message format using dynamic binary analysis
Proceedings of the 14th ACM conference on Computer and communications security
Effective memory protection using dynamic tainting
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Aiding side-channel attacks on cryptographic software with satisfiability-based analysis
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Understanding and visualizing full systems with data flow tomography
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Remote detection of virtual machine monitors with fuzzy benchmarking
ACM SIGOPS Operating Systems Review
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Characterizing Bots' Remote Control Behavior
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
PETS '08 Proceedings of the 8th international symposium on Privacy Enhancing Technologies
Vigilante: End-to-end containment of Internet worm epidemics
ACM Transactions on Computer Systems (TOCS)
When cryptography meets storage
Proceedings of the 4th ACM international workshop on Storage security and survivability
BitBlaze: A New Approach to Computer Security via Binary Analysis
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Static analysis for inference of explicit information flow
Proceedings of the 8th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Staged information flow for javascript
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Measuring channel capacity to distinguish undue influence
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Malyzer: Defeating Anti-detection for Application-Level Malware Analysis
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Proceedings of the 2008 workshop on New security paradigms
Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering
Proceedings of the 16th ACM conference on Computer and communications security
Emulating emulation-resistant malware
Proceedings of the 1st ACM workshop on Virtual machine security
Control flow obfuscation with information flow tracking
Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
Neon: system support for derived data management
Proceedings of the 6th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Residue objects: a challenge to web browser security
Proceedings of the 5th European conference on Computer systems
ReFormat: automatic reverse engineering of encrypted messages
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
A survey of confidential data storage and deletion methods
ACM Computing Surveys (CSUR)
An empirical study of privacy-violating information flows in JavaScript web applications
Proceedings of the 17th ACM conference on Computer and communications security
Architectural support for low overhead detection of memory violations
Proceedings of the Conference on Design, Automation and Test in Europe
HookScout: proactive binary-centric hook detection
DIMVA'10 Proceedings of the 7th international conference on Detection of intrusions and malware, and vulnerability assessment
Proceedings of the 2010 workshop on New security paradigms
A framework for testing hardware-software security architectures
Proceedings of the 26th Annual Computer Security Applications Conference
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Attribution of malicious behavior
ICISS'10 Proceedings of the 6th international conference on Information systems security
LeakProber: a framework for profiling sensitive data leakage paths
Proceedings of the first ACM conference on Data and application security and privacy
TaintEraser: protecting sensitive data leaks using application-level taint tracking
ACM SIGOPS Operating Systems Review
Automatically generating patch in binary programs using attribute-based taint analysis
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Cross-application data provenance and policy enforcement
ACM Transactions on Information and System Security (TISSEC)
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Making programs forget: enforcing lifetime for sensitive data
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
Towards practical avoidance of information leakage in enterprise networks
HotSec'11 Proceedings of the 6th USENIX conference on Hot topics in security
Malware analysis with tree automata inference
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
SPARC: a security and privacy aware virtual machinecheckpointing mechanism
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Proceedings of the 18th ACM conference on Computer and communications security
Detection and analysis of cryptographic data inside software
ISC'11 Proceedings of the 14th international conference on Information security
Taint-exchange: a generic system for cross-process and cross-host taint tracking
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
A survey on automated dynamic malware-analysis techniques and tools
ACM Computing Surveys (CSUR)
Dataflow Tomography: Information Flow Tracking For Understanding and Visualizing Full Systems
ACM Transactions on Architecture and Code Optimization (TACO)
SWIPE: eager erasure of sensitive data in large scale systems software
Proceedings of the second ACM conference on Data and Application Security and Privacy
libdft: practical dynamic data flow tracking for commodity systems
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
One big file is not enough: a critical evaluation of the dominant free-space sanitization technique
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
The potential of sampling for dynamic analysis
Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security
A method for safekeeping cryptographic keys from memory disclosure attacks
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Challenges for dynamic analysis of iOS applications
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
FACE: Automated digital evidence discovery and correlation
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Treasure and tragedy in kmem_cache mining for live forensics investigation
Digital Investigation: The International Journal of Digital Forensics & Incident Response
User data persistence in physical memory
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities
Proceedings of the 2012 International Symposium on Software Testing and Analysis
Recognizing malicious software behaviors with tree automata inference
Formal Methods in System Design
A software-hardware architecture for self-protecting data
Proceedings of the 2012 ACM conference on Computer and communications security
Eternal sunshine of the spotless machine: protecting privacy with ephemeral channels
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Assessing the trustworthiness of drivers
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Dynamic information-flow analysis for multi-threaded applications
ISoLA'12 Proceedings of the 5th international conference on Leveraging Applications of Formal Methods, Verification and Validation: technologies for mastering change - Volume Part I
Architecture-Independent dynamic information flow tracking
CC'13 Proceedings of the 22nd international conference on Compiler Construction
Automatic protocol reverse-engineering: Message format extraction and field semantics inference
Computer Networks: The International Journal of Computer and Telecommunications Networking
Verifying systems rules using rule-directed symbolic execution
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
iBinHunt: binary hunting with inter-procedural control flow
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
πBox: a platform for privacy-preserving apps
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
Communications of the ACM
Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection
ACM Transactions on Information and System Security (TISSEC)
Obfuscation resilient binary code reuse through trace-oriented programming
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
ShadowReplica: efficient parallelization of dynamic data flow tracking
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
LogGC: garbage collecting audit log
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Beyond full disk encryption: protection on security-enhanced commodity processors
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Preventing malicious data harvesting from deallocated memory areas
Proceedings of the 6th International Conference on Security of Information and Networks
DEFINED: deterministic execution for interactive control-plane debugging
USENIX ATC'13 Proceedings of the 2013 USENIX conference on Annual Technical Conference
ASCDS: a smartphone confidential data storage scheme
International Journal of Wireless and Mobile Computing
On quantitative dynamic data flow tracking
Proceedings of the 4th ACM conference on Data and application security and privacy
Memory encryption: A survey of existing techniques
ACM Computing Surveys (CSUR)
The impact of the antivirus on the digital evidence
International Journal of Electronic Security and Digital Forensics
Hi-index | 0.02 |
Strictly limiting the lifetime (i.e. propagation and duration of exposure) of sensitive data (e.g. passwords) is an important and well accepted practice in secure software development. Unfortunately, there are no current methods available for easily analyzing data lifetime, and very little information available on the quality of today's software with respect to data lifetime. We describe a system we have developed for analyzing sensitive data lifetime through whole system simulation called TaintBochs. TaintBochs tracks sensitive data by "tainting" it at the hardware level. Tainting information is then propagated across operating system, language, and application boundaries, permitting analysis of sensitive data handling at a whole system level. We have used TaintBochs to analyze sensitive data handling in several large, real world applications. Among these were Mozilla, Apache, and Perl, which are used to process millions of passwords, credit card numbers, etc. on a daily basis. Our investigation reveals that these applications and the components they rely upon take virtually no measures to limit the lifetime of sensitive data they handle, leaving passwords and other sensitive data scattered throughout user and kernel memory. We show how a few simple and practical changes can greatly reduce sensitive data lifetime in these applications.