Survey of dynamic taint analysis
- Authors
- Kim, Junhyoung; Kim, Taeguen; Im, Eul Gyu
- Issue Date
- Sep-2014
- Publisher
- Institute of Electrical and Electronics Engineers Inc.
- Keywords
- dynamic taint analysis
- Citation
- Proceedings of 2014 4th IEEE International Conference on Network Infrastructure and Digital Content, IEEE IC-NIDC 2014, pp.269 - 272
- Indexed
- SCOPUS
- Journal Title
- Proceedings of 2014 4th IEEE International Conference on Network Infrastructure and Digital Content, IEEE IC-NIDC 2014
- Start Page
- 269
- End Page
- 272
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/159283
- DOI
- 10.1109/ICNIDC.2014.7000307
- ISSN
- 0000-0000
- Abstract
- Dynamic taint analysis (DTA) is to analyze execution paths that an attacker may use to exploit a system. Dynamic taint analysis is a method to analyze executable files by tracing information flow without source code. DTA marks certain inputs to program as tainted, and then propagates values operated with tainted inputs. Due to the increased popularity of dynamic taint analysis, there have been a few recent research approaches to provide a generalized tainting infrastructure. In this paper, we introduce some approaches of dynamic taint analysis, and analyze their approaches. Lam and Chiueh's approach proposed a method that instruments code to perform taint marking and propagation. DYTAN considers three dimensions: taint source, propagation policies, taint sink. These dimensions make DYTAN to be more general framework for dynamic taint analysis. DTA++ proposes an idea to vanilla dynamic taint analysis that propagates additional taints along with targeted control dependencies. Control dependency causes results of taint analysis to have decreased accuracies. To improve accuracies, DTA++ showed that data transformation containing implicit flows should propagate properly to avoid under-tainting. ? 2014 IEEE.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.