Skip to main content
SpringerLink
Log in

Retracted: Explicit Untainting to Reduce Shadow Memory Usage in Dynamic Taint Analysis

  • Conference paper
Computational Science and Its Applications – ICCSA 2014 (ICCSA 2014)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 8583))

Included in the following conference series:

  • 3599 Accesses

Abstract

As the growth of computing technologies and smart service, the dimension for importance of security of a system has been increased dramatically. Many researches for solving threats of software vulnerabilities have been proposed in worldwide. Ordinary program testing method for finding defects in software can be categorized into black-box testing and white-box testing. In Black-box testing, the tester does not need to tasks recognization of the internal structure of program, whereas in white-box testing, the tester checks to tasks recognization of internal structure of program. Taint analysis is an efficient black-box testing method for finding exploited crashes by tracking external input to the program. However, taint analysis method is too heavy and slow to provide for commercial analysis program, because of large amount of computation and shadow memory usage. Recent, many experimental approaches to weight down and to speed up the analysis process, but it were lacking in commercial use. In this paper, we propose a method to reduce shadow memory usage by selectively not trace the definite untainting memories. Our evaluation result shows that we can reduce number of taint operation by significant amount.

An Erratum for this chapter can be found at http://dx.doi.org/10.1007/978-3-319-09156-3_56

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. 2012 Annual Report PandaLabs, http://press.pandasecurity.com/press-room/reports

  2. Min, J.-W., Choi, Y.-H., Eom, J.-H., Chung, T.-M.: Explicit Untainting to Reduce Shadow Memory Usage and Access Frequency in Taint Analysis. In: Murgante, B., Misra, S., Carlini, M., Torre, C.M., Nguyen, H.-Q., Taniar, D., Apduhan, B.O., Gervasi, O. (eds.) ICCSA 2013, Part III. LNCS, vol. 7973, pp. 175–186. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  3. Kang, M., McCamant, S., Poosankam, P., Song, D.: DTA++: Dynamic taint analysis with targeted control-flow propagation. In: 18th Annual Network and Distributed System Security Symposium (2011)

    Google Scholar 

  4. Miller, C., et al.: Crash Analysis with Bitblaze. Blackhat, USA (2010)

    Google Scholar 

  5. Schwartz, E.J., Avgerinos, T., Brumley, D.: All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution (but might have been afraid to ask). In: IEEE Symposium on Security and Privacy (2010)

    Google Scholar 

  6. Brumley, D., Jager, I., Avgerinos, T., Schwartz, E.J.: BAP: A Binary Analysis Platform. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 463–469. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  7. Song, D., et al.: BitBlaze: A New Approach to Computer Security via Binary Analysis. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 1–25. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  8. Clause, J., Li, W., Orso, A.: Dytan: A Generic Dynamic Taint Analysis Framework. In: Proceedings of the 2007 International Symposium on Software Testing and Analysis. ACM (2007)

    Google Scholar 

  9. Avgerinos, T., Cha, S.K., Hao, B.L.T., Brumley, D.: AEG: Automatic Exploit Generation. In: Proceedings of the Network and Distributed System Security Symposium (2011)

    Google Scholar 

  10. Miller, C., et al.: Crash Analysis with BitBlaze. Blackhat, USA (2010)

    Google Scholar 

  11. Choi, Y.-H., Chung, T.-M.: A Framework for Dynamic Taint Analysis of Binary Executable File. In: Proc. ICISA 2013, Pattaya, pp. 374–375 (2013)

    Google Scholar 

  12. Scholten, M.: Taint Analysis in Practice, pp. 1–29. Vrije Universiteit Amsterdam, Amsterdam (2007)

    Google Scholar 

  13. Newsome, J., Song, D.: Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. Technical report, School of Computer Science Carnegie Mellon University (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Electrical and Computer Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, 440-746, Republic of Korea

    Young Hyun Choi, Min-Woo Park & Tai-Myoung Chung

  2. Military Studies, Daejeon University, 62 Daehakro, Dong-gu, Daejeon, Republic of Korea

    Jung-Ho Eom

Authors
  1. Young Hyun Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Min-Woo Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jung-Ho Eom
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tai-Myoung Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Engineering, University of Basilicata, 85100, Potenza, Italy

    Beniamino Murgante

  2. Department of Computer and Information Sciences, Covenant University, Ota, Nigeria

    Sanjay Misra

  3. Department of Production and Systems, University of Minho, 4710-057, Braga, Portugal

    Ana Maria A. C. Rocha

  4. DICAR, Polytecnico di Bari, 70125, Bari, Italy

    Carmelo Torre

  5. University of Minho, Braga, Portugal

    Jorge Gustavo Rocha  & Maria Irene Falcão  & 

  6. Monash University, 3800,, Clayton, VIC, Australia

    David Taniar

  7. Department of Intelligent Informatics, Kyushu Sangyo University, 2-3-1 Matsukadai, 813-8503, Higashi-ku, Fukuoka, Japan

    Bernady O. Apduhan

  8. Department of Mathematics and Computer Science, University of Perugia, Via Vanvitelli, 1, 06123, Perugia, Italy

    Osvaldo Gervasi

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Choi, Y.H., Park, MW., Eom, JH., Chung, TM. (2014). Retracted: Explicit Untainting to Reduce Shadow Memory Usage in Dynamic Taint Analysis. In: Murgante, B., et al. Computational Science and Its Applications – ICCSA 2014. ICCSA 2014. Lecture Notes in Computer Science, vol 8583. Springer, Cham. https://doi.org/10.1007/978-3-319-09156-3_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-09156-3_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-09155-6

  • Online ISBN: 978-3-319-09156-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation