Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dynamic Tainting for Deployed Java Programs Du Li Advisor: Witawas Srisa-an University of Nebraska-Lincoln 1.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Dynamic Tainting for Deployed Java Programs Du Li Advisor: Witawas Srisa-an University of Nebraska-Lincoln 1."— Presentation transcript:

1 Dynamic Tainting for Deployed Java Programs Du Li Advisor: Witawas Srisa-an University of Nebraska-Lincoln 1

2 Example 2

3 Example (Cont) 3

4 Dynamic Tainting Analysis Mark and track certain data at runtime Widely applied to: o Attack prevention o Data lifespan/scope analysis o Generation of test cases o etc. 4

5 Dynamic Tainting Analysis (cont.) Powerful but expensive o Significant overhead o Need third-party tools support o Suitable for debugging and maintenance, too much overhead for deployed systems 5

6 Goal Make dynamic tainting analysis feasible for deployed systems o Fast: High-performance and low overhead o Easy to use: No need for extra HW or SW support o Flexible: Users control what and when to monitor 6

7 Idea Java Virtual Machine is a good platform for dynamic tainting analysis o Useful runtime information  CFG, data access, object life span,... o Existing components  Barriers  Optimizing compilers  Garbage collectors 7

8 Outline Motivation A proposed solution Implementation plan Conclusion 8

9 Motivation Existing dynamic tainting tools have high overhead o Dytan: 30-50 times overhead (Clause et al.) o Taintcheck: 20 times overhead in the worst case (Seward et al.) o Effective memory protector: 25% overhead but need special hardware (Clause et al.) 9

10 Motivation (cont.) Existing solutions need extra SW support o Dytan: on top of PIN (Luk et al.) o TaintChecker: on top of Valgrind (Nethercote et al.) o Require users' extra effort to set up execution environment on third-party tools (not always feasible) 10

11 Motivation (cont.) Existing work is based on binary instrumentation Managed languages (like Java) are popular in many deployed environments It is time to investigate tainting analysis in virtual machines 11

12 Solution JVM-based Dynamic Tainting framework o Easy to use: as one JVM build-in feature, no need for extra tool support, enable by setting a flag o High-performance: utilize existing runtime systems to generate information o Customization: can be configurable to monitor only a subset of data flow 12

13 Implementation JVM has useful infrastructure for dynamic tainting analysis o Read/Write barriers → data access tracing o Garbage collector → marking information process o JIT compilers → optimization 13

14 Implementation (cont.) Data tracing o Write/Read Barriers can monitor all data access efficiently o Garbage collector can help to identify data references o Our experiment and existing work (Blackburn et al.) shows average overhead of barriers can range from 6.49% to 21.24% o Data tracing is the dominant part of overhead 14

15 Implementation (cont.) Achieving High-Performance o JIT compiler is a great place to improve performance  All tainting analysis related code will be optimized by JIT compiler  Data dependency information can be generated by JIT compiler  Make tainting process more accurate and smart 15

16 Implementation (cont.) Achieving Customization o JIT compiler can replace code at runtime  Our framework makes use of JIT compiler to customize tainting analysis sampling rate, granularity, or even turn on/off tainting analysis o Tradeoff between accuracy and performance 16

17 Status 1.Working on Maxine Virtual Machine to build data flow analysis framework 2.Basic components are close to be done 3.Plan to build tainting analysis on top of the framework 17

18 Conclusion Existing tainting analysis solution is powerful but heavy weight JVM base tainting framework is easier to use: efficient, flexible Existing JVM infrastructure can help to improve tainting process 18

Download ppt "Dynamic Tainting for Deployed Java Programs Du Li Advisor: Witawas Srisa-an University of Nebraska-Lincoln 1."

Similar presentations

.NET Technology. Introduction Overview of.NET What.NET means for Developers, Users and Businesses Two.NET Research Projects:.NET Generics AsmL.

.NET Technology. Introduction Overview of.NET What.NET means for Developers, Users and Businesses Two.NET Research Projects:.NET Generics AsmL.
Introduction to Maven 2.0 An open source build tool for Enterprise Java projects Mahen Goonewardene.

Introduction to Maven 2.0 An open source build tool for Enterprise Java projects Mahen Goonewardene.
Using emulation for RTL performance verification

Using emulation for RTL performance verification
Compiler Optimized Dynamic Taint Analysis James Kasten Alex Crowell.

Compiler Optimized Dynamic Taint Analysis James Kasten Alex Crowell.
Overview Motivations Basic static and dynamic optimization methods ADAPT Dynamo.

Overview Motivations Basic static and dynamic optimization methods ADAPT Dynamo.
H28.1 6-Apr-01 Clark Thomborson Software Security CompSci 725 Handout 28: Report Writing #2 (Sample Titles & Abstracts) Clark Thomborson University of.

H Apr-01 Clark Thomborson Software Security CompSci 725 Handout 28: Report Writing #2 (Sample Titles & Abstracts) Clark Thomborson University of.
Helper Threads via Virtual Multithreading on an experimental Itanium 2 processor platform. Perry H Wang et. Al.

Helper Threads via Virtual Multithreading on an experimental Itanium 2 processor platform. Perry H Wang et. Al.
SOS: Saving Time in Dynamic Race Detection with Stationary Analysis Du Li, Witawas Srisa-an, Matthew B. Dwyer.

SOS: Saving Time in Dynamic Race Detection with Stationary Analysis Du Li, Witawas Srisa-an, Matthew B. Dwyer.
Automatic software deployment using user-level virtualization for cloud-computing Future Generation Computer System (2013) Youhui Zhang, Yanhua Li, Weimin.

Automatic software deployment using user-level virtualization for cloud-computing Future Generation Computer System (2013) Youhui Zhang, Yanhua Li, Weimin.
Fast Paths in Concurrent Programs Wen Xu, Princeton University Sanjeev Kumar, Intel Labs. Kai Li, Princeton University.

Fast Paths in Concurrent Programs Wen Xu, Princeton University Sanjeev Kumar, Intel Labs. Kai Li, Princeton University.
Design of a Framework for Testing Security Mechanisms for Program-Based Attacks Ben “Security” Breech and Lori Pollock University of Delaware.

Design of a Framework for Testing Security Mechanisms for Program-Based Attacks Ben “Security” Breech and Lori Pollock University of Delaware.
Virtual Machines Measure Up John Staton Karsten Steinhaeuser University of Notre Dame December 15, 2005 Graduate Operating Systems, Fall 2005 Final Project.

Virtual Machines Measure Up John Staton Karsten Steinhaeuser University of Notre Dame December 15, 2005 Graduate Operating Systems, Fall 2005 Final Project.
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks Feng Qin, Cheng Wang, Zhenmin Li, Ho-seop Kim, Yuanyuan.

LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks Feng Qin, Cheng Wang, Zhenmin Li, Ho-seop Kim, Yuanyuan.
JVM-1 Introduction to Java Virtual Machine. JVM-2 Outline Java Language, Java Virtual Machine and Java Platform Organization of Java Virtual Machine Garbage.

JVM-1 Introduction to Java Virtual Machine. JVM-2 Outline Java Language, Java Virtual Machine and Java Platform Organization of Java Virtual Machine Garbage.
1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.

1/28/2004CSCI 315 Operating Systems Design1 Operating System Structures & Processes Notice: The slides for this lecture have been largely based on those.
The Effect of Data-Reuse Transformations on Multimedia Applications for Different Processing Platforms N. Vassiliadis, A. Chormoviti, N. Kavvadias, S.

The Effect of Data-Reuse Transformations on Multimedia Applications for Different Processing Platforms N. Vassiliadis, A. Chormoviti, N. Kavvadias, S.
Catching Accurate Profiles in Hardware Satish Narayanasamy, Timothy Sherwood, Suleyman Sair, Brad Calder, George Varghese Presented by Jelena Trajkovic.

Catching Accurate Profiles in Hardware Satish Narayanasamy, Timothy Sherwood, Suleyman Sair, Brad Calder, George Varghese Presented by Jelena Trajkovic.
1 The Problem o Fluid software cannot be trusted to behave as advertised unknown origin (must be assumed to be malicious) known origin (can be erroneous.

1 The Problem o Fluid software cannot be trusted to behave as advertised unknown origin (must be assumed to be malicious) known origin (can be erroneous.
A Java Virtual Machine (JVM) enables a set of computer software programs and data structures to use a virtual machine model for the execution of other.

A Java Virtual Machine (JVM) enables a set of computer software programs and data structures to use a virtual machine model for the execution of other.
Java Introduction 劉登榮 Deng-Rung Liu 87/7/15. Outline 4 History 4 Why Java? 4 Java Concept 4 Java in Real World 4 Language Overview 4 Java Performance!?

Java Introduction 劉登榮 Deng-Rung Liu 87/7/15. Outline 4 History 4 Why Java? 4 Java Concept 4 Java in Real World 4 Language Overview 4 Java Performance!?

Similar presentations

Ads by Google