Let’s face it: Faceted values for taint tracking
Paper in proceedings, 2016

Taint tracking has been successfully deployed in a range of security applications to track data dependencies in hardware and machine-, binary-, and high-level code. Precision of taint tracking is key for its success in practice: because it is a vulnerability analysis, false positives must be low for the analysis to be practical. This paper presents an approach to taint tracking that does not involve tracking taints throughout computation. Instead, we include shadow memories in the execution context, so that a single run of a program has the effect of computing on both tainted and untainted data. This mechanism is inspired by the technique of secure multi-execution, but in contrast to the latter it does not require running the entire program multiple times. We present a general framework and establish its soundness with respect to explicit secrecy, a policy for preventing insecure data leaks, and its precision, showing that runs of secure programs are never modified. We show that the technique can be used for attack detection with no false positives. To evaluate the mechanism in practice, we implement DroidFace, a source-to-source transform for an intermediate Java-like language, and benchmark its precision and performance against representative static and dynamic taint trackers for Android. The results indicate that the performance penalty is tolerable while achieving both soundness and no false positives on the tested benchmarks.

Authors

Daniel Schoepe

Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)

Musard Balliu

Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)

Frank Piessens

KU Leuven

Andrei Sabelfeld

Chalmers, Computer Science and Engineering (Chalmers), Software Technology (Chalmers)

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 9878 LNCS, 2016, p. 561-580

Areas of Advance

Information and Communication Technology

Subject Categories

Computer and Information Science

Roots

Basic sciences

DOI

10.1007/978-3-319-45744-4_28

ISBN

978-3-319-45743-7

More information

Latest update

5/29/2018