Sensitive data tracking using dynamic taint analysis
作者: Jaeyeon Jung , Yu Zhu
DOI:
关键词:
摘要: A system and method for tracking sensitive data uses dynamic taint analysis to track as the flows through a target application running on computer system. In general, marks tainted when input is indicated sensitive. The may then propagation of read from written memory by detect if output (e.g., leaked). Dynamic binary translation be used provide instrumentation at instruction level and/or function level. Of course, many alternatives, variations, modifications are possible without departing this embodiment.
lens.org 参考文章(11)
Jong Youl Choi, Ninghui Li, Zhuowei Li, XiaoFeng Wang, PRECIP: Towards Practical and Retrofittable Confidential Information Protection. network and distributed system security symposium. ,(2008)
Tal Garfinkel, Mendel Rosenblum, Kevin Christopher, Ben Pfaff, Jim Chow, Understanding data lifetime via whole system simulation usenix security symposium. pp. 22- 22 ,(2004)
Engin Kirda, Manuel Egele, Christopher Kruegel, Dawn Song, Heng Yin, Dynamic spyware analysis usenix annual technical conference. pp. 18- ,(2007)
James Clause, Wanchun Li, Alessandro Orso, Dytan: a generic dynamic taint analysis framework international symposium on software testing and analysis. pp. 196- 206 ,(2007) , 10.1145/1273463.1273490
Dawn Song, David Brumley, Heng Yin, Juan Caballero, Ivan Jager, Min Gyung Kang, Zhenkai Liang, James Newsome, Pongsin Poosankam, Prateek Saxena, BitBlaze: A New Approach to Computer Security via Binary Analysis international conference on information systems security. pp. 1- 25 ,(2008) , 10.1007/978-3-540-89862-7_1
N. Vachharajani, M.J. Bridges, J. Chang, R. Rangan, G. Ottoni, J.A. Blome, G.A. Reis, M. Vachharajani, D.I. August, RIFLE: An Architectural Framework for User-Centric Information-Flow Security international symposium on microarchitecture. pp. 243- 254 ,(2004) , 10.1109/MICRO.2004.31
Marcus Peinado, Laurent S . Visconti, Nikola Livic, Mark L . Niehaus, Luis Irun-Briz, Malware detection with taint tracking ,(2008)
Liqun Chen, Wael Ibrahim, Protecting sensitive data intended for a remote application ,(2007)
Geoffrey Pike, Computational system including mechanisms for tracking taint ,(2008)
Carey Nachenberg, Jeffrey Wilhelm, Method and apparatus for detecting leakage of sensitive information ,(2006)