| Statically-directed dynamic taint analysis | |
| Chen, Kai (1); Zhang, Yingjun (2) | |
| 2014 | |
| 发表期刊 | Chinese Journal of Electronics
 |
| ISSN | 10224653 |
| 卷号 | 23期号:1页码:18-24 |
| 摘要 | Taint analysis is a popular method in software analysis field including vulnerability/malware analysis. By identifying taint source and making suitable taint propagation rules, we could directly know whether variables in software have any relationship with input data. Static taint analysis method is efficient, but it is imprecise since runtime information is lacked. Dynamic taint analysis method usually instruments every instruction in software to catch the taint propagation process. However, this is inefficient since it usually takes lots of time for context switches between original code and instrumenting code. In this paper, we propose a statically-directed dynamic taint analysis method to increase the efficiency of taint analysis process without any loss of accuracy. In this way, there is no need to instrument every instruction. Several experiments are made on our prototype SDTaint and the results show that our method is several times more efficient than traditional dynamic taint analysis method.; Taint analysis is a popular method in software analysis field including vulnerability/malware analysis. By identifying taint source and making suitable taint propagation rules, we could directly know whether variables in software have any relationship with input data. Static taint analysis method is efficient, but it is imprecise since runtime information is lacked. Dynamic taint analysis method usually instruments every instruction in software to catch the taint propagation process. However, this is inefficient since it usually takes lots of time for context switches between original code and instrumenting code. In this paper, we propose a statically-directed dynamic taint analysis method to increase the efficiency of taint analysis process without any loss of accuracy. In this way, there is no need to instrument every instruction. Several experiments are made on our prototype SDTaint and the results show that our method is several times more efficient than traditional dynamic taint analysis method. |
| 收录类别 | SCI ; EI |
| 关键词 | Taint Analysis Statically-directed Dynamic Analysis Binary Code |
| 部门归属 | (1) State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100195, China; (2) Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China; (3) Institute of Information Engineering, Chinese Academy of Sciences, China; (4) Institute of Software, Chinese Academy of Sciences, China |
| 语种 | 英语 |
| WOS记录号 | WOS:000330089800004 |
| 引用统计 | |
| 内容类型 | 期刊论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/16883 |
| 专题 | 中国科学院软件研究所 |
| 推荐引用方式 GB/T 7714 | Chen, Kai ,Zhang, Yingjun . Statically-directed dynamic taint analysis[J]. Chinese Journal of Electronics,2014,23(1):18-24. |
| APA | Chen, Kai ,&Zhang, Yingjun .(2014).Statically-directed dynamic taint analysis.Chinese Journal of Electronics,23(1),18-24. |
| MLA | Chen, Kai ,et al."Statically-directed dynamic taint analysis".Chinese Journal of Electronics 23.1(2014):18-24. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论