TY - GEN
T1 - StraightTaint
T2 - 31st IEEE/ACM International Conference on Automated Software Engineering, ASE 2016
AU - Ming, Jiang
AU - Wu, Dinghao
AU - Wang, Jun
AU - Xiao, Gaoyao
AU - Liu, Peng
N1 - Funding Information:
This research was supported in part by the National Science Foundation (NSF) grants CNS-1223710 and CCF-1320605, and the Office of Naval Research (ONR) grants N00014-13-1-0175, N00014-16-1-2265, and N00014-16-1-2912. Liu was also supported by ARO W911NF-13-1-0421 and NSF CNS-1422594.
Publisher Copyright:
© 2016 ACM.
PY - 2016/8/25
Y1 - 2016/8/25
N2 - Taint analysis has been widely applied in ex post facto security applications, such as attack provenance investigation, computer forensic analysis, and reverse engineering. Unfortunately, the high runtime overhead imposed by dynamic taint analysis makes it impractical in many scenarios. The key obstacle is the strict coupling of program execution and taint tracking logic code. To alleviate this performance bottleneck, recent work seeks to offload taint analysis from program execution and run it on a spare core or a different CPU. However, since the taint analysis has heavy data and control dependencies on the program execution, the massive data in recording and transformation overshadow the benefit of decoupling. In this paper, we propose a novel technique to allow very lightweight logging, resulting in much lower execution slowdown, while still permitting us to perform full-featured offline taint analysis. We develop StraightTaint, a hybrid taint analysis tool that completely decouples the program execution and taint analysis. StraightTaint relies on very lightweight logging of the execution information to reconstruct straight-line code, enabling an offline symbolic taint analysis without frequent data communication with the application. While StraightTaint does not log complete runtime or input values, it is able to precisely identify, for example, the causal relationships between sources and sinks. Compared with traditional dynamic taint analysis tools, StraightTaint has much lower application runtime overhead.
AB - Taint analysis has been widely applied in ex post facto security applications, such as attack provenance investigation, computer forensic analysis, and reverse engineering. Unfortunately, the high runtime overhead imposed by dynamic taint analysis makes it impractical in many scenarios. The key obstacle is the strict coupling of program execution and taint tracking logic code. To alleviate this performance bottleneck, recent work seeks to offload taint analysis from program execution and run it on a spare core or a different CPU. However, since the taint analysis has heavy data and control dependencies on the program execution, the massive data in recording and transformation overshadow the benefit of decoupling. In this paper, we propose a novel technique to allow very lightweight logging, resulting in much lower execution slowdown, while still permitting us to perform full-featured offline taint analysis. We develop StraightTaint, a hybrid taint analysis tool that completely decouples the program execution and taint analysis. StraightTaint relies on very lightweight logging of the execution information to reconstruct straight-line code, enabling an offline symbolic taint analysis without frequent data communication with the application. While StraightTaint does not log complete runtime or input values, it is able to precisely identify, for example, the causal relationships between sources and sinks. Compared with traditional dynamic taint analysis tools, StraightTaint has much lower application runtime overhead.
UR - http://www.scopus.com/inward/record.url?scp=84989201374&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84989201374&partnerID=8YFLogxK
U2 - 10.1145/2970276.2970299
DO - 10.1145/2970276.2970299
M3 - Conference contribution
AN - SCOPUS:84989201374
T3 - ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering
SP - 308
EP - 319
BT - ASE 2016 - Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering
A2 - Khurshid, Sarfraz
A2 - Lo, David
A2 - Apel, Sven
PB - Association for Computing Machinery, Inc
Y2 - 3 September 2016 through 7 September 2016
ER -