skip to main content
10.1145/1378533.1378538acmconferencesArticle/Chapter ViewAbstractPublication PagesspaaConference Proceedingsconference-collections
research-article

Parallelizing dynamic information flow tracking

Published: 14 June 2008 Publication History

Abstract

Dynamic information flow tracking (DIFT) is an important tool for detecting common security attacks and memory bugs. A DIFT tool tracks the flow of information through a monitored program's registers and memory locations as the program executes, detecting and containing/fixing problems on-the-fly. Unfortunately, sequential DIFT tools are quite slow, and DIFT is quite challenging to parallelize. In this paper, we present a new approach to parallelizing DIFT-like functionality. Extending our recent work on accelerating sequential DIFT, we consider a variant of DIFT that tracks the information flow only through unary operations relaxed DIFT, and yet makes sense for detecting security attacks and memory bugs. We present a parallel algorithm for relaxed DIFT, based on symbolic inheritance tracking, which achieves linear speed-up asymptotically. Moreover, we describe techniques for reducing the constant factors, so that speed-ups can be obtained even with just a few processors. We implemented the algorithm in the context of a Log-Based Architectures (LBA) system, which provides hardware support for logging a program trace and delivering it to other (monitoring) processors. Our simulation results on SPEC benchmarks and a video player show that our parallel relaxed DIFT reduces the overhead to as low as 1.2X using 9 monitoring cores on a 16-core chip multiprocessor.

References

[1]
D. Bruening. Efficient, Transparent, and Comprehensive Runtime Code Manipulation. PhD thesis, MIT, 2004.
[2]
W. R. Bush, J. D. Pincus, and D. J. Sielaff. A static analyzer for finding dynamic programming errors. Software -- Practice and Experience, 30(7), 2000.
[3]
S. Chen, B. Falsafi, P. B. Gibbons, M. Kozuch, T. C. Mowry, R. Teodorescu, A. Ailamaki, L. Fix, G. R. Ganger, B. Lin, and S. W. Schlosser. Log-based architectures for general-purpose monitoring of deployed code. In ASID Workshop at ASPLOS, 2006.
[4]
S. Chen, M. Kozuch, T. Strigkos, B. Falsafi, P. B. Gibbons, T. C. Mowry, V. Ramachandran, O. Ruwase, M. Ryan, and E. Vlachos. Flexible hardware acceleration for instruction-grain program monitoring. In ISCA, 2008.
[5]
M. L. Corliss, E. C. Lewis, and A. Roth. DISE: A programmable macro engine for customizing applications. In ISCA, 2003.
[6]
M. Costa, J. Crowcroft, M. Castro, A. Rowstron, L. Zhou, L. Zhang, and P. Barham. Vigilante: End-to-end containment of Internet worms. In SOSP, 2005.
[7]
C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In USENIX Security, 1998.
[8]
J. R. Crandall and F. T. Chong. Minos: Control data attack prevention orthogonal to memory model. In MICRO-37, 2004.
[9]
M. Dalton, H. Kannan, and C. Kozyrakis. Raksha: a flexible information flow architecture for software security. In ISCA, 2007.
[10]
D. Engler, B. Chelf, A. Chou, and S. Hallem. Checking system rules using system-specific, programmer-written compiler extensions. In OSDI, 2000.
[11]
M. D. Ernst, J. Cockrell, W. G. Griswold, and D. Notkin. Dynamically discovering likely program invariants to support program evolution. IEEE Transactions on Software Engineering, 27(2), 2001.
[12]
C. Flanagan, K. R. M. Leino, M. Lillibridge, G. Nelson, J. B. Saxe, and R. Stata. Extended static checking for Java. In PLDI, 2002.
[13]
R. Karp and V. Ramachandran. Parallel algorithms for shared-memory machines. In Handbook of Theoretical Computer Science. Elsevier, 1990.
[14]
C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. Pin: Building customized program analysis tools with dynamic instrumentation. In PLDI, 2005.
[15]
S. Narayanasamy, G. Pokam, and B. Calder. BugNet: Continuously recording program execution for deterministic replay debugging. In ISCA, 2005.
[16]
N. Nethercote. Dynamic Binary Analysis and Instrumentation. PhD thesis, U. Cambridge, 2004. http://valgrind.org.
[17]
N. Nethercote and J. Seward. Valgrind: A program supervision framework. Electronic Notes in Theoretical Computer Science, 89(2), 2003.
[18]
N. Nethercote and J. Seward. How to shadow every byte of memory used by a program. In VEE, 2007.
[19]
N. Nethercote and J. Seward. Valgrind: A framework for heavyweight dynamic binary instrumentation. In PLDI, 2007.
[20]
J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In NDSS, 2005.
[21]
E. B. Nightingale, D. Peek, P. M. Chen, and J. Flinn. security checks on commodity hardware. In ASPLOS, 2008.
[22]
H. Patil and C. Fischer. Low-cost, concurrent checking of pointer and array accesses in c programs. Softw. Pract. Exper., 27(1):87--110, 1997.
[23]
F. Qin, C.Wang, Z. Li, H. Kim, Y. Zhou, and Y. Wu. LIFT: A low-overhead practical information flow tracking system for detecting security attacks. In MICRO-39, 2006.
[24]
S. Savage, M. Burrows, G. Nelson, P. Sobalvarro, and T. Anderson. Eraser: A dynamic race detector for multi-threaded programs. ACM TOCS, 15(4), 1997.
[25]
R. Shetty, M. Kharbutli, Y. Solihin, and M. Prvulovic. Heapmon: A helper-thread approach to programmable, automatic, and low-overhead memory bug detection. IBM J. on Research and Development, 50(2/3), 2006.
[26]
W. Shi, H.-H. S. Lee, L. Falk, and M. Ghosh. An integrated framework for dependable and revivable architectures using multicore processors. In ISCA, 2006.
[27]
G. E. Suh, J. W. Lee, D. Zhang, and S. Devadas. Secure program execution via dynamic information flow tracking. In ACM ASPLOS-XI, 2004.
[28]
The MITRE Corporation. Common vulnerabilities and exposures (cve). http://cve.mitre.org/.
[29]
G.-R. Uh, R. Cohn, B. Yadavalli, R. Peri, and R. Ayyagari. Analyzing dynamic binary instrumentation overhead. In WBIA Workshop at ASPLOS, 2006.
[30]
G. Venkataramani, I. Doudalis, Y. Solihin, and M. Prvulovic. FlexiTaint: A programmable accelerator for dynamic taint propagation. In HPCA, 2008.
[31]
G. Venkataramani, B. Roemer, Y. Solihin, and M. Prvulovic. MemTracker: Efficient and programmable support for memory access monitoring and debugging. In HPCA-13, 2007.
[32]
J. Wilander and M. Kamkar. A comparison of publicly available tools for dynamic buffer overflow prevention. In NDSS, 2003.
[33]
M. Xu, R. Bodik, and M. D. Hill. A 'Flight Data Recorder' for enabling full-system multiprocessor deterministic replay. In ISCA, 2003.
[34]
M. Xu, R. Bodik, and M. D. Hill. A regulated transitive reduction (rtr) for longer memory race recording. In ASPLOS, 2006.
[35]
P. Zhou, R. Teodorescu, and Y. Zhou. HARD: Hardware-assisted lockset-based race detection. In HPCA-13, 2007.
[36]
Y. Zhou, P. Zhou, F. Qin, W. Liu, and J. Torrellas. Efficient and flexible architectural support for dynamic monitoring. ACM TACO, 2(1), 2005.

Cited By

View all
  • (2024)HardTaint: Production-Run Dynamic Taint Analysis via Selective Hardware TracingProceedings of the ACM on Programming Languages10.1145/36897688:OOPSLA2(1615-1640)Online publication date: 8-Oct-2024
  • (2024)Enhancing HW-SW Confidentiality Verification for Embedded Processors with SoftFlow’s Advanced Memory Range FeatureVLSI-SoC 2023: Innovations for Trustworthy Artificial Intelligence10.1007/978-3-031-70947-0_13(251-272)Online publication date: 29-Dec-2024
  • (2023)Raft: Hardware-assisted Dynamic Information Flow Tracking for Runtime Protection on RISC-VProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3607199.3607246(595-608)Online publication date: 16-Oct-2023
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
SPAA '08: Proceedings of the twentieth annual symposium on Parallelism in algorithms and architectures
June 2008
380 pages
ISBN:9781595939739
DOI:10.1145/1378533
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 June 2008

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. dynamic information flow tracking (dift)
  2. log-based monitoring
  3. parallel algorithm
  4. program monitoring
  5. taint analysis

Qualifiers

  • Research-article

Conference

SPAA08

Acceptance Rates

Overall Acceptance Rate 447 of 1,461 submissions, 31%

Upcoming Conference

SPAA '25
37th ACM Symposium on Parallelism in Algorithms and Architectures
July 28 - August 1, 2025
Portland , OR , USA

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)10
  • Downloads (Last 6 weeks)3
Reflects downloads up to 19 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)HardTaint: Production-Run Dynamic Taint Analysis via Selective Hardware TracingProceedings of the ACM on Programming Languages10.1145/36897688:OOPSLA2(1615-1640)Online publication date: 8-Oct-2024
  • (2024)Enhancing HW-SW Confidentiality Verification for Embedded Processors with SoftFlow’s Advanced Memory Range FeatureVLSI-SoC 2023: Innovations for Trustworthy Artificial Intelligence10.1007/978-3-031-70947-0_13(251-272)Online publication date: 29-Dec-2024
  • (2023)Raft: Hardware-assisted Dynamic Information Flow Tracking for Runtime Protection on RISC-VProceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3607199.3607246(595-608)Online publication date: 16-Oct-2023
  • (2023)SoftFlow: Automated HW-SW Confidentiality Verification for Embedded Processors2023 IFIP/IEEE 31st International Conference on Very Large Scale Integration (VLSI-SoC)10.1109/VLSI-SoC57769.2023.10321922(1-6)Online publication date: 16-Oct-2023
  • (2022)FSAFlow: Lightweight and Fast Dynamic Path Tracking and Control for Privacy Protection on Android Using Hybrid Analysis with State-Reduction Strategy2022 IEEE Symposium on Security and Privacy (SP)10.1109/SP46214.2022.9833764(2114-2129)Online publication date: May-2022
  • (2021)Dynamic Information Flow Tracking: Taxonomy, Challenges, and OpportunitiesMicromachines10.3390/mi1208089812:8(898)Online publication date: 29-Jul-2021
  • (2021)Hardware Information Flow TrackingACM Computing Surveys10.1145/344786754:4(1-39)Online publication date: 3-May-2021
  • (2020)Tell You a Definite Answer: Whether Your Data is Tainted During Thread SchedulingIEEE Transactions on Software Engineering10.1109/TSE.2018.287166646:9(916-931)Online publication date: 1-Sep-2020
  • (2019)Iodine: Fast Dynamic Taint Tracking Using Rollback-free Optimistic Hybrid Analysis2019 IEEE Symposium on Security and Privacy (SP)10.1109/SP.2019.00043(490-504)Online publication date: May-2019
  • (2018)HomePad: A Privacy-Aware Smart Hub for Home Environments2018 IEEE/ACM Symposium on Edge Computing (SEC)10.1109/SEC.2018.00012(58-73)Online publication date: Oct-2018
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media