A General Dynamic Information Flow Tracking Framework for Security Applications

Many software security solutions require accurate tracking of control/data dependencies among information objects in network applications. This paper presents a general dynamic information flow tracking framework (called GIFT) for C programs that allows an application developer to associate applicat...

Full description

Saved in:
Bibliographic Details
Main Authors: Lap Chung Lam, Tzi-cker Chiueh
Format: Conference Proceeding
Language:English
Subjects:
Application software
Automatic control
Computer applications
Computer security
Data security
Information analysis
Information security
Instruments
Logic
Program processors
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Many software security solutions require accurate tracking of control/data dependencies among information objects in network applications. This paper presents a general dynamic information flow tracking framework (called GIFT) for C programs that allows an application developer to associate application-specific tags with input data, instruments the application to propagate these tags to all the other data that are control/data-dependent on them, and invokes application-specific processing on output data according to their tag values. To use GIFT, an application developer only needs to implement input and output proxy functions to tag input data and to perform tag-dependent processing on output data, respectively. To demonstrate the usefulness of GIFT, we implement a complete GIFT application called Aussum, which allows selective sandboxing of network client applications based on whether their inputs are "tainted" or not. For a set of computation-intensive test applications, the measured elapsed time overhead of GIFT is less than 35%
ISSN:1063-9527
2576-9103
DOI:10.1109/ACSAC.2006.6