L. S. D. Araújo, L. A. J. Marzulo, Tiago A. O. Alves, F. França, I. Koren, S. Kundu
{"title":"Building a portable deeply-nested implicit information flow tracking","authors":"L. S. D. Araújo, L. A. J. Marzulo, Tiago A. O. Alves, F. França, I. Koren, S. Kundu","doi":"10.1145/3387902.3392614","DOIUrl":null,"url":null,"abstract":"Dynamic Information Flow Tracking has been successfully used to prevent a wide range of attacks and detect illegal access to sensitive information. Most proposed solutions only track the explicit information flow where the taint is propagated through data dependencies. However, recent evasion attacks exploit implicit flows, that use control flow in the application, to manipulate the data thus making the malicious activity undetectable. We propose NIFT - a nested implicit flow tracking mechanism that extends explicit propagation to instructions affected by a control dependency. Our technique generates taint instructions at compile time which are executed by specialized hardware to propagate taint implicitly even in cases of deeply-nested branches. In addition, we propose a restricted taint propagation for data executed in conditional branches that affects only immediate instructions instead of all instructions inside the branch scope. Our technique efficiently locates implicit flows and resolves them with negligible performance overhead. Moreover, it mitigates the over-tainting problem.","PeriodicalId":155089,"journal":{"name":"Proceedings of the 17th ACM International Conference on Computing Frontiers","volume":"71 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 17th ACM International Conference on Computing Frontiers","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3387902.3392614","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Dynamic Information Flow Tracking has been successfully used to prevent a wide range of attacks and detect illegal access to sensitive information. Most proposed solutions only track the explicit information flow where the taint is propagated through data dependencies. However, recent evasion attacks exploit implicit flows, that use control flow in the application, to manipulate the data thus making the malicious activity undetectable. We propose NIFT - a nested implicit flow tracking mechanism that extends explicit propagation to instructions affected by a control dependency. Our technique generates taint instructions at compile time which are executed by specialized hardware to propagate taint implicitly even in cases of deeply-nested branches. In addition, we propose a restricted taint propagation for data executed in conditional branches that affects only immediate instructions instead of all instructions inside the branch scope. Our technique efficiently locates implicit flows and resolves them with negligible performance overhead. Moreover, it mitigates the over-tainting problem.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
