Taint-Exchange: A Generic System for Cross-Process and Cross-Host Taint Tracking
详细信息 查看全文
- 作者:Angeliki Zavou (1) azavou@cs.columbia.edu
Georgios Portokalidis (1) porto@cs.columbia.edu
Angelos D. Keromytis (1) angelos@cs.columbia.edu - 刊名:Lecture Notes in Computer Science
- 出版年:2011
- 出版时间:2011
- 年:2011
- 卷:7038
- 期:1
- 页码:113-128
- 全文大小:265.2 KB
- 参考文献:1. Attariyan, M., Flinn, J.: Automating configuration troubleshooting with dynamic information flow analysis. In: Proceedings of the 9th Symposium on Operating Systems Design and Implementation (OSDI), pp. 1–11 (2010)
2. Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. In: Proceedings of the 19th Symposium on Operating Systems Principles (SOSP), pp. 164–177 (2003)
3. Bellard, F.: QEMU, a fast and portable dynamic translator. In: Proceedings of the USENIX Annual Technical Conference, pp. 41–46 (April 2005)
4. Bochs: The cross platform IA-32 emulator (2001), http://bochs.sourceforge.net
5. Borin, E., Wang, C., Wu, Y., Araujo, G.: Software-based transparent and comprehensive control-flow error detection. In: Proceedings of the International Symposium on Code Generation and Optimization (CGO), pp. 333–345 (2006)
6. Cheng, W., Zhao, Q., Yu, B., Hiroshige, S.: TaintTrace: Efficient flow tracing with dynamic binary rewriting. In: Proceedings of the IEEE Symposium on Computers and Communications (ISCC), pp. 749–754 (2006)
7. Chow, J., Pfaff, B., Garfinkel, T., Christopher, K., Rosenblum, M.: Understanding Data Lifetime via Whole System Simulation. In: Proceedings of the 13th USENIX Security Symposium, pp. 321–336 (2004)
8. Clause, J., Li, W., Orso, A.: Dytan: a generic dynamic taint analysis framework. In: Proceedings of the 2007 International Symposium on Software Testing and Analysis (ISSTA), pp. 196–206 (2007)
9. Crandall, J.R., Chong, F.T.: Minos: Control data attack prevention orthogonal to memory model. In: Proceedings of the 37th Annual International Symposium on Microarchitecture, pp. 221–232 (2004)
10. Dalton, M., Kannan, H., Kozyrakis, C.: Real-world buffer overflow protection for userspace & kernelspace. In: Proceedings of the 17th USENIX Security Symposium, pp. 395–410 (2008)
11. Davis, B., Chen, H.: DBTaint: cross-application information flow tracking via databases. In: Proceedings of the 2010 USENIX Conference on Web Application Development, WebApps (2010)
12. Enck, W., Gilbert, P., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of the 9th Symposium on Operating Systems Design and Implementation (OSDI), pp. 393–407 (2010)
13. Ho, A., Fetterman, M., Warfield, C.C.A., Hand, S.: Practical taint-based protection using demand emulation. In: Proceedings of the 1st European Conference on Computer Systems (EuroSys), pp. 29–41 (2006)
14. Kemerlis, V.P.: libdft (2010), http://www.cs.columbia.edu/~vpk/research/libdft/
15. Luk, C.K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: Building customized program analysis tools with dynamic instrumentation. In: Proceedings of the Conference on Programming Language Design and Implementation (PLDI), pp. 190–200 (2005)
16. McVoy, L., Staelin, C.: lmbench (2005), http://lmbench.sourceforge.net/
17. Mysore, S., Mazloom, B., Agrawal, B., Sherwood, T.: Understanding and visualizing full systems with data flow tomography. In: Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 211–221 (2008)
18. Nethercote, N., Seward, J.: Valgrind: A framework for heavyweight dynamic binary instrumentation. In: Proceedings of the Conference on Programming Language Design and Implementation (PLDI), pp. 89–100 (2007)
19. Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium, NDSS (2005)
20. Portokalidis, G., Slowinska, A., Bos, H.: Argos: an emulator for fingerprinting zero-day attacks. In: Proceedings of the 1st European Conference on Computer Systems (EuroSys), pp. 15–27 (2006)
21. Qin, F., Wang, C., Li, Z., Kim, H.s., Zhou, Y., Wu, Y.: LIFT: A low-overhead practical information flow tracking system for detecting security attacks. In: Proceedings of the 39th Annual International Symposium on Microarchitecture, pp. 135–148 (2006)
22. Slowinska, A., Bos, H.: Pointless tainting? Evaluating the practicality of pointer tainting. In: Proceedings of EuroSys 2009, Nuremberg, Germany (March-April 2009)
23. Suh, G.E., Lee, J., Devadas, S.: Secure program execution via dynamic information flow tracking. In: Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 85–96 (2004)
24. Vachharajani, N., Bridges, M.J., Chang, J., Rangan, R., Ottoni, G., Blome, J.A., Reis, G.A., Vachharajani, M., August, D.I.: RIFLE: An architectural framework for user-centric information-flow security. In: Proceedings of the 37th International Symposium on Microarchitecture (MICRO), pp. 243–254 (2004)
25. Wang, T., Wei, T., Gu, G., Zou, W.: TaintScope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 497–512 (2010)
26. Xu, W., Bhatkar, S., Sekar, R.: Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks. In: Proceedings of the 15th USENIX Security Symposium (2006)
27. Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: Proceedings of the 14th Conference on Computer and Communications Security (CCS), pp. 116–127 (2007)
28. Zhang, Q., McCullough, J., Ma, J., Schear, N., Vrable, M., Vahdat, A., Snoeren, A.C., Voelker, G.M., Savage, S.: Neon: system support for derived data management. In: Proceedings of the 6th International Conference on Virtual Execution Environments (VEE), pp. 63–74 (2010)
29. Zhu, D., Jung, J., Song, D., Kohno, T., Wetherall, D.: TaintEraser: protecting sensitive data leaks using application-level taint tracking. SIGOPS Operating Systems Review 45, 142–154 (2011) - 作者单位:1. Network Security Lab, Department of Computer Science, Columbia University, New York, NY, USA
- 刊物类别:Computer Science
- 刊物主题:Artificial Intelligence and Robotics
Computer Communication Networks
Software Engineering
Data Encryption
Database Management
Computation by Abstract Devices
Algorithm Analysis and Problem Complexity - 出版者:Springer Berlin / Heidelberg
- ISSN:1611-3349
文摘
Dynamic taint analysis (DTA) has been heavily used by security researchers for various tasks, including detecting unknown exploits, analyzing malware, preventing information leaks, and many more. Recently, it has been also utilized to track data across processes and hosts to shed light on the interaction of distributed components, but also for security purposes. This paper presents Taint-Exchange, a generic cross-process and cross-host taint tracking framework. Our goal is to provide researchers with a valuable tool for rapidly developing prototypes that utilize cross-host taint tracking. Taint-Exchange builds on the libdft open source data flow tracking framework for processes, so unlike previous work it does not require extensive maintenance and setup. It intercepts I/O related system calls to transparently multiplex fine-grained taint information into existing communication channels, like sockets and pipes. We evaluate Taint-Exchange using the popular lmbench suite, and show that it incurs only moderate overhead.