Title :
FlowWalker: A Fast and Precise Off-Line Taint Analysis Framework
Author :
Baojiang Cui ; Fuwei Wang ; Tao Guo ; Guowei Dong ; Bing Zhao
Author_Institution :
Sch. of Comput., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
This paper presents Flow Walker, a new dynamic taint analysis framework which focuses on eliminating the bottlenecks of the existing tools. The framework proposes a multi-taint-tag assemble level taint propagation strategy. Flow Walker separates taint tracking operations from execution with an off-line structure, uses memory-mapped file to enhance IO efficiency and processes taint paths during execution playback. Based on tainted path information, this paper presents a file format cognition algorithm. According to test data, the average program execution slowdown is less than seven times as original while the speed enhancement is about 15% compared to other cognate tools on Windows, and simple file formats are correctly partitioned with all constant fields extracted. Due to its efficiency and scalability, Flow Walker can be used in further security-related researches.
Keywords :
security of data; system monitoring; FlowWalker; IO efficiency; Windows; dynamic taint analysis framework; execution playback; file format cognition algorithm; memory-mapped file; multitaint-tag assemble level taint propagation strategy; Arrays; Cognition; Context; Instruction sets; Instruments; Message systems; Registers; Taint analysis; binary instrumentation; format cognition;
Conference_Titel :
Emerging Intelligent Data and Web Technologies (EIDWT), 2013 Fourth International Conference on
Conference_Location :
Xi´an
Print_ISBN :
978-1-4799-2140-9
DOI :
10.1109/EIDWT.2013.105
