TASEL: Dynamic Taint Analysis with selective control dependency
- Authors
- Kang, Byeongho; Kim, Taeguen; Kang, BooJoong; Im, Eul Gyu; Ryu, Minsoo
- Issue Date
- Oct-2014
- Publisher
- Association for Computing Machinery, Inc
- Keywords
- Binary file analysis; Control dependency; Dynamic Taint Analysis; Software analysis; Vulnerability analysis
- Citation
- Proceedings of the 2014 Research in Adaptive and Convergent Systems, RACS 2014, pp.272 - 277
- Indexed
- SCOPUS
- Journal Title
- Proceedings of the 2014 Research in Adaptive and Convergent Systems, RACS 2014
- Start Page
- 272
- End Page
- 277
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/158944
- DOI
- 10.1145/2663761.2664219
- ISSN
- 0000-0000
- Abstract
- Dynamic Taint Analysis (DTA) is an approach used for software testing and vulnerability analysis. The vanilla DTA method is widely used, but its simple taint propagation does not consider any control dependency. Therefore, vanilla DTA generally suffers from the under-tainting caused by control dependency. The under-tainting can be problematic when analyzers try to check vulnerabilities of software. In this paper, we propose Dynamic Taint Analysis with Selective Control Dependency (TASEL), to mitigate the under-tainting problem caused by control dependency. Our technique detects control-dependent data which have possibilities to change the program's control flows. We implemented TASEL using Intel Pin, and applied it for the commodity programs such as Microsoft Notepad. Experimental results show our proposed method successfully resolves the under-tainting problem, without causing the over-tainting problem.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.