DOI: 10.1145/2557547.2557551
research-article

On quantitative dynamic data flow tracking

Published: 03 March 2014

Abstract

We present a non-probabilistic model for dynamic quantitative data flow tracking. Estimations of the amount of data stored in a particular representation at runtime - a file, a window, a network packet - enable the adoption of fine-grained policies which authorize or prohibit partial leaks of data. We prove the correctness of the estimations, provide an implementation that we evaluate w.r.t. precision and performance, and analyze one instantiation at the OS level.

Published In

CODASPY '14: Proceedings of the 4th ACM conference on Data and application security and privacy
March 2014
368 pages
ISBN: 9781450322782
DOI: 10.1145/2557547

Publisher

Association for Computing Machinery, New York, NY, United States

Author Tags

1. information flow
2. runtime monitoring
3. usage control

Qualifiers

• Research-article

Conference

CODASPY'14

Acceptance Rates

CODASPY '14 Paper Acceptance Rate 19 of 119 submissions, 16%;
Overall Acceptance Rate 149 of 789 submissions, 19%

Cited By

• (2018) Data Usage Control for Distributed Systems. ACM Transactions on Privacy and Security, 21:3 (1-32). DOI: 10.1145/3183342. Online publication date: 16-Apr-2018
• (2017) Generic Semantics Specification and Processing for Inter-System Information Flow Tracking. Computer and Network Security Essentials (445-460). DOI: 10.1007/978-3-319-58424-9_25. Online publication date: 13-Aug-2017
• (2016) Knowledge Management System usage evaluation with logging and quantitative method. 2016 International Conference on Information Management and Technology (ICIMTech) (66-71). DOI: 10.1109/ICIMTech.2016.7930304. Online publication date: Nov-2016
• (2014) DAVAST. Proceedings of the Eleventh Workshop on Visualization for Cyber Security (25-32). DOI: 10.1145/2671491.2671499. Online publication date: 10-Nov-2014
• (2014) Decentralized Distributed Data Usage Control. Proceedings of the 13th International Conference on Cryptology and Network Security - Volume 8813 (353-369). DOI: 10.1007/978-3-319-12280-9_23. Online publication date: 22-Oct-2014
