Abstract
Using data flow tracking technology, one can observe how data flows from inputs (sources) to outputs (sinks) of a software system. It has been proposed [1] to do runtime data flow tracking at various layers simultaneously (operating system, application, database, window manager, etc.), and connect the monitors’ observations to exploit semantic information about the layers to make analyses more precise. This has implications for performance (multiple monitors run in parallel) and for methodology (there needs to be one dedicated monitor per layer). We address both aspects of the problem. We replace a runtime monitor at a layer L by its statically computed input-output dependencies. At runtime, these relations are used by monitors at other layers to model flows of data through L, thus allowing cross-layer system-wide tracking. We achieve this in three steps: (1) static analysis of the application at layer L, (2) instrumentation of the application’s source and sink instructions, and (3) runtime execution of the instrumented application in combination with monitors at other layers. The result allows for system-wide tracking of data dissemination, across and through multiple applications. We implement our solution at the Java Bytecode level, and connect it to a runtime OS-level monitor. In terms of precision and performance, we outperform binary-level approaches and can exploit high-level semantics.
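The three steps above, as an added Python model (not code from the paper or its implementation): an OS-level monitor uses a table of statically computed sink-to-source dependencies to propagate data through one application, compared with treating the application as a black box. The source and sink ids, container names, data ids, event trace and the fallback for unknown sinks are all constructed assumptions.

```python
# Constructed stand-in for the statically computed input-output dependencies
# of one application: sink id -> source ids that may influence it.
STATIC_DEPS = {
    "sink:socket.write": {"src:read_payload"},
    "sink:log.write": {"src:read_config"},
}

class CrossLayerMonitor:
    """OS-level storage view (container -> data ids) refined by static deps."""

    def __init__(self, static_deps, storage):
        self.static_deps = static_deps
        self.storage = {c: set(d) for c, d in storage.items()}
        self.at_source = {}       # source id -> data ids seen entering there
        self.read_so_far = set()  # everything the process has read (black box)

    def on_source(self, source_id, container):
        data = self.storage.get(container, set())
        self.at_source.setdefault(source_id, set()).update(data)
        self.read_so_far |= data

    def on_sink(self, sink_id, container, use_static_deps=True):
        deps = self.static_deps.get(sink_id) if use_static_deps else None
        if deps is None:
            # Black-box mode, or no relation known for this sink:
            # over-approximate with everything read so far (assumption).
            flowing = set(self.read_so_far)
        else:
            flowing = set()
            for src in deps:
                flowing |= self.at_source.get(src, set())
        self.storage.setdefault(container, set()).update(flowing)
        return flowing

# Constructed event trace emitted by the instrumented sources and sinks.
TRACE = [
    ("source", "src:read_config", "/etc/app.conf"),
    ("source", "src:read_payload", "/home/u/secret.txt"),
    ("sink", "sink:socket.write", "socket:198.51.100.7:21"),
    ("sink", "sink:log.write", "/var/log/app.log"),
]

def run_trace(use_static_deps):
    """Replay TRACE and return the monitor's final container -> data map."""
    monitor = CrossLayerMonitor(
        STATIC_DEPS,
        {"/etc/app.conf": {"D_conf"}, "/home/u/secret.txt": {"D_secret"}},
    )
    for kind, point, container in TRACE:
        if kind == "source":
            monitor.on_source(point, container)
        else:
            monitor.on_sink(point, container, use_static_deps)
    return monitor.storage
```

With the dependency table, only `D_secret` reaches the socket and only `D_conf` reaches the log file; in black-box mode both outputs are marked with both data items.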
References
Pretschner, A., Lovat, E., Büchler, M.: Representation-independent data usage control. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds.) DPM 2011 and SETOP 2011. LNCS, vol. 7122, pp. 122–140. Springer, Heidelberg (2012)
Harvan, M., Pretschner, A.: State-based usage control enforcement with data flow tracking using system call interposition. In: Proc. Netw. and Sys. Sec. (2009)
Kelbert, F., Pretschner, A.: Data usage control enforcement in distributed systems. In: Proc. 3rd ACM CODASPY (2013)
Lovat, E., Pretschner, A.: Data-centric multi-layer usage control enforcement: a social network example. In: Proc. 16th SACMAT (2011)
Pretschner, A., et al.: Usage control enforcement with data flow tracking for X11. In: Proc. 5th Intl. Worksh. on Sec. and Trust Man. (2009)
Rasthofer, S., Arzt, S., Bodden, E.: A machine-learning approach for classifying and categorizing android sources and sinks. In: Proc. NDSS (2014)
JOANA. http://joana.ipd.kit.edu
Graf, J., Hecker, M., Mohr, M.: Using JOANA for information flow control in java programs - a practical guide. In: Proc. 6th ATPS (2013)
Tripp, O., et al.: TAJ: effective taint analysis of web applications. In: Proc. PLDI (2009)
Ferrante, J., Ottenstein, K.J., Warren, J.D.: The program dependence graph and its use in optimization. ACM Trans. Program. Lang. Syst. (1987)
Hammer, C., Snelting, G.: Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs. IJIS (2009)
Reps, T., Horwitz, S., Sagiv, M., Rosay, G.: Speeding up slicing. In: FSE (1994)
Wasserrab, D., Lohner, D.: Proving information flow noninterference by reusing a machine-checked correctness proof for slicing. In: 6th Int. Verif. Worksh. (2010)
Goguen, J., Meseguer, J.: Security policies and security models. In: S & P (1982)
Giffhorn, D.: Slicing of Concurrent Programs and its Application to Information Flow Control. Ph.D thesis, Karlsruher Institut für Technologie (2012)
Sabelfeld, A., Myers, A.C.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications (2003)
Giffhorn, D., et al.: A New Algorithm for Low-Deterministic Security. IJIS (2014)
Andersen, L.: Program Analysis and Specialization for the C Programming Language. Ph.D thesis, University of Copenhagen (1994)
Grove, D., Chambers, C.: A Framework for Call Graph Construction Algorithms. ACM Trans. Program. Lang. Syst. (2001)
Shivers, O.: Control flow analysis in scheme. In: Proc. PLDI (1988)
Milanova, A., Rountev, A., Ryder, B.G.: Parameterized Object Sensitivity for Points-to Analysis for Java. ACM Trans. Softw. Eng. Methodol. (2005)
OW2-ASM instrumentation framework. http://asm.ow2.org/
JavaFTP. http://sourceforge.net/projects/javaftp/ (last access: 16 June 2014)
Chandra, D., Franz, M.: Fine-grained information flow analysis and enforcement in a java virtual machine. In: ACSAC (2007)
Wuchner, T., Pretschner, A.: Data loss prevention based on data-driven usage control. In: IEEE Software Reliability Engineering (ISSRE) (2012)
Kemerlis, V., et al.: Libdft: practical dynamic data flow tracking for commodity systems. In: Proc. 8th Conf. on Virtual Execution Environments (2012)
Kim, H.C., Keromytis, A.D., Covington, M., Sahita, R.: Capturing information flow with concatenated dynamic taint analysis. In: ARES (2009)
Bodden, E., et al.: Taming reflection: aiding static analysis in the presence of reflection and custom class loaders. In: 33rd Int. Conf. on Softw. Eng. (2011)
King, D., Hicks, B., Hicks, M.W., Jaeger, T.: Implicit flows: can’t live with ‘em, can’t live without ‘em. In: Sekar, R., Pujari, A.K. (eds.) ICISS 2008. LNCS, vol. 5352, pp. 56–70. Springer, Heidelberg (2008)
Volpano, D.: Safety versus secrecy. In: Cortesi, A., Filé, G. (eds.) SAS 1999. LNCS, vol. 1694, p. 303. Springer, Heidelberg (1999)
Denning, D.E.: A Lattice Model of Secure Information Flow. Comm. ACM (1976)
Volpano, D., et al.: A Sound Type System for Secure Flow Analysis. JCS (1996)
Denning, D.E., Denning, P.J.: Certification of Programs for Secure Information Flow. Comm. ACM (1977)
Banatre, J., Bryce, C., Le Métayer, D.: Compile-Time Detection of Information Flow in Sequential Programs (1994)
Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: OSDI (2010)
Jee, K., et al.: ShadowReplica: efficient parallelization of dynamic data flow tracking. In: Proc. CCS (2013)
Yin, H., Song, D., Egele, M., Kruegel, C., Kirda, E.: Panorama: capturing system-wide information flow for malware detection and analysis. In: CCS (2007)
Demsky, B.: Cross-application Data Provenance and Policy Enforcement. ACM Trans. Inf. Syst. Secur. (2011)
Zhang, Q., et al.: Neon: system support for derived data management. In: SIGPLAN Not. (2010)
Rocha, B.P.S., Conti, M., Etalle, S., Crispo, B.: Hybrid Static-Runtime Information Flow and Declassification Enforcement. IEEE Inf. For. and Sec. (2013)
Fromm, A., Kelbert, F., Pretschner, A.: Data protection in a cloud-enabled smart grid. In: Cuellar, J. (ed.) SmartGridSec 2012. LNCS, vol. 7823, pp. 96–107. Springer, Heidelberg (2013)
Rasthofer, S., Arzt, S., Lovat, E., Bodden, E.: DroidForce: enforcing complex, data-centric, system-wide policies in android. In: Proc. ARES (2014)
© 2015 IFIP International Federation for Information Processing
Cite this paper
Lovat, E., Fromm, A., Mohr, M., Pretschner, A. (2015). SHRIFT System-Wide HybRid Information Flow Tracking. In: Federrath, H., Gollmann, D. (eds) ICT Systems Security and Privacy Protection. SEC 2015. IFIP Advances in Information and Communication Technology, vol 455. Springer, Cham. https://doi.org/10.1007/978-3-319-18467-8_25
DOI: https://doi.org/10.1007/978-3-319-18467-8_25
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18466-1
Online ISBN: 978-3-319-18467-8
eBook Packages: Computer Science, Computer Science (R0)