PPT-TAJ: Effective Taint Analysis of Web Applications

Yinzhi Cao Reference http wwwcstauacil omertrippldi09TAJppt wwwcscmuedu soonhoktalks20110301pdf 2 Motivating Example Inspired by Refl1 in SecuriBench Micro Taint Flow 1. Paper by: James Newsome and Dawn Song. Network and Distributed Systems Security Symposium (NDSS), Feb 2005.. . CS451 Spring 2011. Instructor: Christos Papadopoulos. Original slides by . Devendra. . Incorporating Synchronization Arcs in . Dataflow-Analysis-Based Parallel Monitoring. Michelle Goodstein. *. , Shimin Chen. †. , . Phillip B. Gibbons. ‡. , Michael A. Kozuch. ‡. . and Todd C. Mowry. About Dynamic . Taint . Analysis & Forward . Symbolic . Execution (. but might have been afraid to ask. ). Edward J. Schwartz, . ThanassisAvgerinos. , David . Brumley. Presented by: . Vaibhav . Rastogi. Data tainting and analysis. Roadmap. Background. TaintDroid. JavaScript. Conclusion. Background. In smartphone, we. . use third-party applications such as . - Google map, Angry bird … . etc. More than 10Billion Apps. (but might have been afraid to ask). IEEE S&P 2010. Overview. Two Main Contributions. Precisely describe the algorithms for dynamic taint analysis and forward symbolic execution as extensions to the run-time semantics of a general language. Yinzhi Cao. Reference: . http. ://www.cs.tau.ac.il/~. omertrip/pldi09/TAJ.ppt. www.cs.cmu.edu/~. soonhok/talks/20110301.pdf. 2. Motivating Example. *. * Inspired by . Refl1. in. SecuriBench Micro. Taint Flow #1. Edward J. Schwartz, . Thanassis. Avgerinos, David . Brumley. Presented by: . Haitao Xu. 1. The Root of All Evil. Humans write programs. This Talk:. Computers Analyzing Programs Dynamically at Runtime. Suman Jana. Dynamic Taint Analysis. Track information flow through a program at runtime. Identify sources of taint – . “. TaintSeed. ”. What are you tracking?. Untrusted input. Sensitive data. Taint Policy – . About Dynamic . Taint . Analysis & Forward . Symbolic . Execution (. but might have been afraid to ask. ). Edward J. Schwartz, . ThanassisAvgerinos. , David . Brumley. Presented by: . Vaibhav . Rastogi. Roadmap. Background. TaintDroid. JavaScript. Conclusion. Background. In smartphone, we. . use third-party applications such as . - Google map, Angry bird … . etc. More than 10Billion Apps. Because it’s useful.. Dynamic Taint Analysis. Track information flow through a program at runtime. Identify sources of taint – . “. TaintSeed. ”. What are you tracking?. Untrusted input. Sensitive data. Taint Policy – . App Sets. Will Klieber*, Lori Flynn, . Amar Bhosale , Limin Jia, and Lujo Bauer . Carnegie Mellon University. *presenting. Motivation. Detect malicious apps that leak sensitive data.. Realtime. Privacy. Monitoring On Smartphones. Authors:. William . Enck. The . Pennsylvania State . University . Peter Gilbert Duke University . Byung-Gon. Chun Intel Labs . Landon . P. . Cox Duke University . Dataflow-Analysis-Based Parallel Monitoring. Michelle Goodstein. *. , Shimin Chen. †. , . Phillip B. Gibbons. ‡. , Michael A. Kozuch. ‡. . and Todd C. Mowry. *. *. Carnegie Mellon University. .