Institutional Repository
| Statically-directed dynamic taint analysis | |
| Chen, Kai (1); Zhang, Yingjun (2) | |
| 2014 | |
| Source | Chinese Journal of Electronics
 |
| ISSN | 10224653 |
| Volume | 23Issue:1Pages:18-24 |
| English Abstract | Taint analysis is a popular method in software analysis field including vulnerability/malware analysis. By identifying taint source and making suitable taint propagation rules, we could directly know whether variables in software have any relationship with input data. Static taint analysis method is efficient, but it is imprecise since runtime information is lacked. Dynamic taint analysis method usually instruments every instruction in software to catch the taint propagation process. However, this is inefficient since it usually takes lots of time for context switches between original code and instrumenting code. In this paper, we propose a statically-directed dynamic taint analysis method to increase the efficiency of taint analysis process without any loss of accuracy. In this way, there is no need to instrument every instruction. Several experiments are made on our prototype SDTaint and the results show that our method is several times more efficient than traditional dynamic taint analysis method.; Taint analysis is a popular method in software analysis field including vulnerability/malware analysis. By identifying taint source and making suitable taint propagation rules, we could directly know whether variables in software have any relationship with input data. Static taint analysis method is efficient, but it is imprecise since runtime information is lacked. Dynamic taint analysis method usually instruments every instruction in software to catch the taint propagation process. However, this is inefficient since it usually takes lots of time for context switches between original code and instrumenting code. In this paper, we propose a statically-directed dynamic taint analysis method to increase the efficiency of taint analysis process without any loss of accuracy. In this way, there is no need to instrument every instruction. Several experiments are made on our prototype SDTaint and the results show that our method is several times more efficient than traditional dynamic taint analysis method. |
| Indexed Type | SCI ; EI |
| Keyword | Taint Analysis Statically-directed Dynamic Analysis Binary Code |
| Department | (1) State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100195, China; (2) Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China; (3) Institute of Information Engineering, Chinese Academy of Sciences, China; (4) Institute of Software, Chinese Academy of Sciences, China |
| Language | 英语 |
| WOS ID | WOS:000330089800004 |
| Citation statistics | |
| Content Type | 期刊论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/16883 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Chen, Kai ,Zhang, Yingjun . Statically-directed dynamic taint analysis[J]. Chinese Journal of Electronics,2014,23(1):18-24. |
| APA | Chen, Kai ,&Zhang, Yingjun .(2014).Statically-directed dynamic taint analysis.Chinese Journal of Electronics,23(1),18-24. |
| MLA | Chen, Kai ,et al."Statically-directed dynamic taint analysis".Chinese Journal of Electronics 23.1(2014):18-24. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment