Open Access
Efficient Fine-Grained Binary Instrumentation with Applications to Taint-Tracking
Prateek Saxena, R. C. Sekar, Varun Puranik +2 more
- 01 Jan 2008
TL;DR: This paper develops static techniques that recover some of the higher-level structure from x86 binaries, enabling effective optimizations that are applied in the context of taint tracking and achieve a substantial reduction in performance overheads.
Abstract: Fine-grained binary instrumentations, such as those for taint-tracking, have become very popular in computer security due to their applications in exploit detection, sandboxing, malware analysis, etc. However, practical application of taint-tracking has been limited by high performance overheads. For instance, previous software-based techniques for taint-tracking on binary code have typically slowed down programs by a factor of 3 or more. In contrast, source-code-based techniques have achieved better performance using high-level optimizations. Unfortunately, these optimizations are difficult to perform on binaries since much of the high-level program structure required by such static analyses is lost during the compilation process. In this paper, we address this challenge by developing static techniques that can recover some of the higher-level structure from x86 binaries. Our new static analysis enables effective optimizations, which are applied in the context of taint tracking. As a result, we achieve a substantial reduction in performance overheads as compared to previous works.
Citations
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol Sheth +8 more
TL;DR: TaintDroid is an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data by leveraging Android's virtualized execution environment.
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol Sheth +6 more
- 04 Oct 2010
TL;DR: Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, this work found 68 instances of misappropriation of users' location and device identification information across 20 applications.
Smashing the Gadgets: Hindering Return-Oriented Programming Using In-place Code Randomization
Vasilis Pappas, Michalis Polychronakis, Angelos D. Keromytis +2 more
- 20 May 2012
TL;DR: In-place code randomization is presented, a practical mitigation technique against ROP attacks that can be applied directly on third-party software and is easily used in tandem with existing exploit mitigations such as address space layout randomization.
DroidChameleon: evaluating Android anti-malware against transformation attacks
Vaibhav Rastogi, Yan Chen, Xuxian Jiang +2 more
- 08 May 2013
TL;DR: This paper evaluates state-of-the-art commercial mobile anti-malware products for Android, tests how resistant they are against various common obfuscation techniques, and proposes possible remedies for improving the current state of malware detection on mobile devices.
TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol Sheth +6 more
TL;DR: TaintDroid is an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data by leveraging Android's virtualized execution environment.
References
Pin: building customized program analysis tools with dynamic instrumentation
Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vijay Janapa Reddi, Kim Hazelwood +8 more
- 12 Jun 2005
TL;DR: The goals are to provide easy-to-use, portable, transparent, and efficient instrumentation, and to illustrate Pin's versatility, two Pintools in daily use to analyze production software are described.
Valgrind: a framework for heavyweight dynamic binary instrumentation
Nicholas Nethercote, Julian Seward +1 more
- 10 Jun 2007
TL;DR: Valgrind is described, a DBI framework designed for building heavyweight DBA tools that can be used to build more interesting, heavyweight tools that are difficult or impossible to build with other DBI frameworks such as Pin and DynamoRIO.
•Proceedings Article
QEMU, a fast and portable dynamic translator
Fabrice Bellard
- 10 Apr 2005
TL;DR: QEMU supports full system emulation in which a complete and unmodified operating system is run in a virtual machine and Linux user mode emulation where a Linux process compiled for one target CPU can be run on another CPU.
•Proceedings Article
Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
James Newsome, Dawn Song +1 more
- 01 Jan 2005
TL;DR: TaintCheck performs dynamic taint analysis by performing binary rewriting at run time, which can reliably detect most types of exploits and produces no false positives for any of the many different programs that were tested.
•Proceedings Article
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang +9 more
- 26 Jan 1998
TL;DR: StackGuard is described: a simple compiler technique that virtually eliminates buffer overflow vulnerabilities with only modest performance penalties, and a set of variations on the technique that trade off between penetration resistance and performance.