
Phosphor: illuminating dynamic data flow in commodity JVMs

Published: 15 October 2014

Abstract

Dynamic taint analysis is a well-known information flow analysis problem with many possible applications. Taint tracking allows for analysis of application data flow by assigning labels to data, and then propagating those labels through data flow. Taint tracking systems traditionally compromise among performance, precision, soundness, and portability. Performance can be critical, as these systems are often intended to be deployed to production environments, and hence must have low overhead. To be deployed in security-conscious settings, taint tracking must also be sound and precise. Dynamic taint tracking must be portable in order to be easily deployed and adopted for real world purposes, without requiring recompilation of the operating system or language interpreter, and without requiring access to application source code.
We present Phosphor, a dynamic taint tracking system for the Java Virtual Machine (JVM) that simultaneously achieves our goals of performance, soundness, precision, and portability. Moreover, to our knowledge, it is the first portable general-purpose taint tracking system for the JVM. We evaluated Phosphor's performance on two commonly used JVM languages (Java and Scala), on two successive revisions of two commonly used JVMs (Oracle's HotSpot and OpenJDK's IcedTea) and on Android's Dalvik Virtual Machine, finding its performance to be impressive: overhead as low as 3% (53% on average; 220% at worst) using the DaCapo macro benchmark suite. This paper describes our approach toward achieving portable taint tracking in the JVM.

Supplementary Material

ZIP File (oopsla_paper_63_phosphor_artifact.zip)


Published In

OOPSLA '14: Proceedings of the 2014 ACM International Conference on Object Oriented Programming Systems Languages & Applications
October 2014
946 pages
ISBN:9781450325851
DOI:10.1145/2660193
  • ACM SIGPLAN Notices, Volume 49, Issue 10
    OOPSLA '14
    October 2014
    907 pages
    ISSN:0362-1340
    EISSN:1558-1160
    DOI:10.1145/2714064
    Editor: Andy Gill
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. dataflow analysis
  2. taint tracking

Qualifiers

  • Research-article

Conference

SPLASH '14
Acceptance Rates

OOPSLA '14 Paper Acceptance Rate 52 of 186 submissions, 28%;
Overall Acceptance Rate 268 of 1,244 submissions, 22%

Article Metrics

  • Downloads (Last 12 months): 42
  • Downloads (Last 6 weeks): 6
Reflects downloads up to 08 Mar 2025

Cited By

  • (2024) EXCHAIN. Proceedings of the 21st USENIX Symposium on Networked Systems Design and Implementation. DOI:10.5555/3691825.3691937 (2047-2062). Online publication date: 16-Apr-2024
  • (2024) MicroFuzz: An Efficient Fuzzing Framework for Microservices. Proceedings of the 46th International Conference on Software Engineering: Software Engineering in Practice. DOI:10.1145/3639477.3639723 (216-227). Online publication date: 14-Apr-2024
  • (2024) Hypertesting of Programs: Theoretical Foundation and Automated Test Generation. Proceedings of the IEEE/ACM 46th International Conference on Software Engineering. DOI:10.1145/3597503.3640323 (1-12). Online publication date: 20-May-2024
  • (2023) Reducing the Memory Footprint of IFDS-Based Data-Flow Analyses using Fine-Grained Garbage Collection. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis. DOI:10.1145/3597926.3598041 (101-113). Online publication date: 12-Jul-2023
  • (2022) CONFETTI. Proceedings of the 44th International Conference on Software Engineering. DOI:10.1145/3510003.3510628 (438-450). Online publication date: 21-May-2022
  • (2022) A Sanitizer-centric Analysis to Detect Cross-Site Scripting in PHP Programs. 2022 IEEE 33rd International Symposium on Software Reliability Engineering (ISSRE). DOI:10.1109/ISSRE55969.2022.00042 (355-365). Online publication date: Oct-2022
  • (2022) TaintSQL: Dynamically Tracking Fine-Grained Implicit Flows for SQL Statements. 2022 IEEE 33rd International Symposium on Software Reliability Engineering (ISSRE). DOI:10.1109/ISSRE55969.2022.00012 (1-12). Online publication date: Oct-2022
  • (2022) Common Data Guided Crash Injection for Cloud Systems. 2022 IEEE/ACM 44th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion). DOI:10.1109/ICSE-Companion55297.2022.9793803 (36-40). Online publication date: May-2022
  • (2022) DisTA: Generic Dynamic Taint Tracking for Java-Based Distributed Systems. 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). DOI:10.1109/DSN53405.2022.00060 (547-558). Online publication date: Jun-2022
  • (2021) Low-overhead multi-language dynamic taint analysis on managed runtimes through speculative optimization. Proceedings of the 18th ACM SIGPLAN International Conference on Managed Programming Languages and Runtimes. DOI:10.1145/3475738.3480939 (70-87). Online publication date: 29-Sep-2021
