It is difficult to dynamically assess the runtime trustworthiness of a software program. Improperly validated user input is the underlying root cause for a wide variety of attacks on applications. This paper proposes an approach for constructing a trusted software behaviour model related with the input data for identifying and tracking the insecure information flows based on dynamic tainting analysis and dynamic slicing technology. It can tag and track user input at runtime and prevents its improper use to maliciously affect the execution of the program. We regard an instruction as a basic analysis unit and focus on information flow caused by variable assignment, the information flow of each instruction is defined as its behaviour specifica...
Taint analysis is a popular method in software analysis field including vulnerability/malware analys...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
We present a simple architectural mechanism called dynamic information flow tracking that can signif...
It is difficult to dynamically assess the runtime trustworthiness of a software program. Improperly ...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
A number of systems employ dynamic taint analysis to detect overwrite attacks in commodity software....
Information flow analysis is concerned with validating the security of information flows between obj...
Many embedded systems today are no longer isolated con-trol units, but are fully fledged miniature d...
A new approach to dynamic information flow analysis is presented that can be used to detect and debu...
Beginning with the work of Forrest et al, several researchers have developed intrusion detection tec...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
A number of systems employ dynamic taint analysis to detect overwrite attacks in commodity software....
Detecting bugs plays a significant role in software development. Bugs may lead to unexpected behavio...
Improperly validated user input is the underlying root cause for a wide variety of attacks on web-ba...
Current taint checking architectures monitor tainted data usage mainly with control transfer instruc...
Taint analysis is a popular method in software analysis field including vulnerability/malware analys...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
We present a simple architectural mechanism called dynamic information flow tracking that can signif...
It is difficult to dynamically assess the runtime trustworthiness of a software program. Improperly ...
textMany challenges in software quality can be tackled with dynamic analysis. However, these techniq...
A number of systems employ dynamic taint analysis to detect overwrite attacks in commodity software....
Information flow analysis is concerned with validating the security of information flows between obj...
Many embedded systems today are no longer isolated con-trol units, but are fully fledged miniature d...
A new approach to dynamic information flow analysis is presented that can be used to detect and debu...
Beginning with the work of Forrest et al, several researchers have developed intrusion detection tec...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
A number of systems employ dynamic taint analysis to detect overwrite attacks in commodity software....
Detecting bugs plays a significant role in software development. Bugs may lead to unexpected behavio...
Improperly validated user input is the underlying root cause for a wide variety of attacks on web-ba...
Current taint checking architectures monitor tainted data usage mainly with control transfer instruc...
Taint analysis is a popular method in software analysis field including vulnerability/malware analys...
Being able to properly represent dynamic code, or the notion of code that is created/modified at run...
We present a simple architectural mechanism called dynamic information flow tracking that can signif...