OFFDTAN: A New Approach of Offline Dynamic Taint Analysis for Binaries

Dynamic taint analysis is a powerful technique for tracking the flow of sensitive information. Different approaches have been proposed to accelerate this process in an online or offline manner. Unfortunately, most of these approaches still have performance bottlenecks and thus reduce analytical effi...

Full description

Saved in:
Bibliographic Details
Published in:Security and communication networks 2018-01, Vol.2018 (2018), p.1-13
Main Authors: Jian, Zefeng, Dou, Bowen, Ma, Rui, Wang, Xiajing, Chen, Hongzhou
Format: Article
Language:English
Subjects:
Data processing
Efficiency
Methods
Propagation
Run time (computers)
Semantics
Software
Virtual environments
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Dynamic taint analysis is a powerful technique for tracking the flow of sensitive information. Different approaches have been proposed to accelerate this process in an online or offline manner. Unfortunately, most of these approaches still have performance bottlenecks and thus reduce analytical efficiency. To address this limitation, we present OFFDTAN, a new approach of offline dynamic taint analysis for binaries. OFFDTAN can be described in terms of four stages: dynamic information acquisition, vulnerability modeling, offline analysis, and backtrace analysis. It first records program runtime information and models the stack buffer overflow vulnerabilities and controlled jump vulnerabilities. Then it performs offline analysis and backtrace analysis to locate vulnerabilities. We implement OFFDTAN on the basis of QEMU virtual machine and apply it to off-the-shelf applications. In order to illustrate how our approach works, we first employ a case study. Furthermore, six applications have been verified so as to evaluate our approach. Experimental results demonstrate that our approach is correct and effective. Compared with other offline analysis tools, OFFDTAN has much lower application runtime overhead.
ISSN:1939-0114
1939-0122
DOI:10.1155/2018/7693861