Dynamic taint tracking is an important field of study with manyJava-based tools and systems created to implement it, includingPhosphor, a general purpose taint tracking tool designed forcommodity JVMs like Oracle and OpenJDK. Phosphor works byinstrumenting core Java libraries and the entire application bytecodewith operations to accurately propagate taint information. Prior workstrived to reduce the performance overhead of Phosphor by doingpartial instrumentation. The analysis that determined which parts ofthe program to instrument was effective but flawed.This paper aims to improve that analysis and further reduce theperformance overhead by instrumenting less of the program. We use thePetablox program analysis tool and custom Datalog rules...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of progra...
The examination and monitoring of binaries during runtime, referred to as dynamic binary analysis, i...
Dynamic taint tracking is an information flow analysis that can be applied to many areas of testing....
Dynamic analysis tools are often implemented using instrumentation, particularly on managed runtimes...
We design and implement two Java optimizations based on JSR308 annota- tions: pure method memoizatio...
Taint analysis is a popular method in software analysis field including vulnerability/malware analys...
This paper provides a taxonomy of runtime taint tracking approaches for managed code, such as code w...
Improperly validated user input is the underlying root cause for a wide variety of attacks on web-ba...
A dynamic program analysis provides essential information during later phases of an application deve...
Dynamic taint analysis is a fundamental technique in software security that tracks the flow of inter...
We present Elephant Tracks (ET), a dynamic program analysis tool for Java that produces detailed tra...
Over the past years, widely used platforms such as the Java Class Library have been under constant a...
Taint tracking has been successfully deployed in a range of security applications to track data depe...
Accuracy, completeness, and performance are all major concerns in the context of dynamic program ana...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of progra...
The examination and monitoring of binaries during runtime, referred to as dynamic binary analysis, i...
Dynamic taint tracking is an information flow analysis that can be applied to many areas of testing....
Dynamic analysis tools are often implemented using instrumentation, particularly on managed runtimes...
We design and implement two Java optimizations based on JSR308 annota- tions: pure method memoizatio...
Taint analysis is a popular method in software analysis field including vulnerability/malware analys...
This paper provides a taxonomy of runtime taint tracking approaches for managed code, such as code w...
Improperly validated user input is the underlying root cause for a wide variety of attacks on web-ba...
A dynamic program analysis provides essential information during later phases of an application deve...
Dynamic taint analysis is a fundamental technique in software security that tracks the flow of inter...
We present Elephant Tracks (ET), a dynamic program analysis tool for Java that produces detailed tra...
Over the past years, widely used platforms such as the Java Class Library have been under constant a...
Taint tracking has been successfully deployed in a range of security applications to track data depe...
Accuracy, completeness, and performance are all major concerns in the context of dynamic program ana...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
Although software-attack detection via dynamic taint analysis (DTA) supports high coverage of progra...
The examination and monitoring of binaries during runtime, referred to as dynamic binary analysis, i...