Zhiyou Tian (Xidian University), Cong Sun (Xidian University), Dongrui Zeng (Palo Alto Networks), Gang Tan (Pennsylvania State University)

Dynamic taint analysis (DTA) has been widely used in security applications, including exploit detection, data provenance, fuzzing improvement, and information flow control. Meanwhile, the usability of DTA is argued on its high runtime overhead, causing a slowdown of more than one magnitude on large binaries. Various approaches have used preliminary static analysis and introduced parallelization or higher-granularity abstractions to raise the scalability of DTA. In this paper, we present a dynamic taint analysis framework podft that defines and enforces different fast paths to improve the efficiency of DBI-based dynamic taint analysis. podft uses a value-set analysis (VSA) to differentiate the instructions that must not be tainted from those potentially tainted. Combining the VSA-based analysis results with proper library function abstractions, we develop taint tracking policies for fast and slow paths and implement the tracking policy enforcement as a Pin-based taint tracker. The experimental results show that podft is more efficient than the state-of-the-art fast path-based DTA approach and competitive with the static binary rewriting approach. podft has a high potential to integrate basic block-level deep neural networks to simplify fast path enforcement and raise tracking efficiency.

View More Papers

OptRand: Optimistically Responsive Reconfigurable Distributed Randomness

Adithya Bhat (Purdue University), Nibesh Shrestha (Rochester Institute of Technology), Aniket Kate (Purdue University), Kartik Nayak (Duke University)

Read More

Lightning Community Shout-Outs to:

(1) Jonathan Petit, Secure ML Performance Benchmark (Qualcomm) (2) David Balenson, The Road to Future Automotive Research Datasets: PIVOT Project and Community Workshop (USC Information Sciences Institute) (3) Jeremy Daily, CyberX Challenge Events (Colorado State University) (4) Mert D. Pesé, DETROIT: Data Collection, Translation and Sharing for Rapid Vehicular App Development (Clemson University) (5) Ning…

Read More

Why do Internet Devices Remain Vulnerable? A Survey with...

Tamara Bondar, Hala Assal, AbdelRahman Abdou (Carleton University)

Read More

dewolf: Improving Decompilation by leveraging User Surveys

Steffen Enders, Eva-Maria C. Behner, Niklas Bergmann, Mariia Rybalka, Elmar Padilla (Fraunhofer FKIE, Germany), Er Xue Hui, Henry Low, Nicholas Sim (DSO National Laboratories, Singapore)

Read More