StraightTaint: Decoupled offline symbolic taint analysis

Jiang Ming, Dinghao Wu, Jun Wang, Gaoyao Xiao, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

15 Scopus citations

Abstract

Taint analysis has been widely applied in ex post facto security applications, such as attack provenance investigation, computer forensic analysis, and reverse engineering. Unfortunately, the high runtime overhead imposed by dynamic taint analysis makes it impractical in many scenarios. The key obstacle is the strict coupling of program execution and taint tracking logic code. To alleviate this performance bottleneck, recent work seeks to offoad taint analysis from program execution and run it on a spare core or a different CPU. However, since the taint analysis has heavy data and control dependencies on the program execution, the massive data in recording and transformation overshadow the benefit of decoupling. In this paper, we propose a novel technique to allow very lightweight logging, resulting in much lower execution slowdown, while still permitting us to perform full-featured offine taint analysis. We develop StraightTaint, a hybrid taint analysis tool that completely decouples the program execution and taint analysis. StraightTaint relies on very lightweight logging of the execution information to reconstruct a straight-line code, enabling an offine symbolic taint analysis without frequent data communication with the application. While StraightTaint does not log complete runtime or input values, it is able to precisely identify the causal relationships between sources and sinks, for example. Compared with traditional dynamic taint analysis tools, StraightTaint has much lower application runtime overhead.

Original languageEnglish (US)
Title of host publicationASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering
EditorsSarfraz Khurshid, David Lo, Sven Apel
PublisherAssociation for Computing Machinery, Inc
Pages308-319
Number of pages12
ISBN (Electronic)9781450338455
DOIs
StatePublished - Aug 25 2016
Event31st IEEE/ACM International Conference on Automated Software Engineering, ASE 2016 - Singapore, Singapore
Duration: Sep 3 2016Sep 7 2016

Publication series

NameASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering

Other

Other31st IEEE/ACM International Conference on Automated Software Engineering, ASE 2016
CountrySingapore
CitySingapore
Period9/3/169/7/16

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Software
  • Computational Theory and Mathematics
  • Human-Computer Interaction

Cite this

Ming, J., Wu, D., Wang, J., Xiao, G., & Liu, P. (2016). StraightTaint: Decoupled offline symbolic taint analysis. In S. Khurshid, D. Lo, & S. Apel (Eds.), ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering (pp. 308-319). (ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering). Association for Computing Machinery, Inc. https://doi.org/10.1145/2970276.2970299