Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
A dynamic taint analysis method of control-dependent data
- Issue Date
- Nov-2016
- Publisher
- International Information Institute Ltd.
- Keywords
- Dynamic Taint Analysis; Control-Dependent Data; Software Testing; Malware Analysis
- Citation
- Information (Japan), v.19, no.11, pp.5245 - 5259
- Indexed
- SCOPUS
- Journal Title
- Information (Japan)
- Volume
- 19
- Number
- 11
- Start Page
- 5245
- End Page
- 5259
- ISSN
- 1343-4500
- Abstract
- Dynamic taint analysis (DTA) is one of the primary methods of software analyzation. Vanilla DTA is the most straightforward approach, which uses conventional data flow without considering any control-dependent data, usually suffers under-tainting problem. In this paper, we propose a dynamic taint analysis method which mitigates under-tainting problem caused by control-dependent data. Our method detects the controls which are executed by tainted data, and marks the control-dependent data as tainted. We implement a system which represents our method, and experiment with 9 programs; 4 commodity software, and 5 Botnet malware. We also experiment with vanilla DTA and DYTAN's DTA, which demonstrate under-tainting and over-tainting problems, respectively. We evaluate the experimental results on two criteria: the number of tainted instructions, and tainting intensity. The evaluation shows that our system propagate taint marks to the control-dependent data for all 9 programs, and does not cause over-tainting problem. Although there are some discussions, we hope our approach will contribute to the software testing and malware mitigation.
- Files in This Item
- Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- Im, Eul Gyu
- COLLEGE OF ENGINEERING (SCHOOL OF COMPUTER SCIENCE)