Abstract
Security in embedded systems such as smartphones requires protection of confidential data and applications. Many security mechanisms use dynamic taint analysis techniques to track information flow in software. But these techniques cannot detect control flows that use conditionals to implicitly transfer information from one object to another. In particular, malicious applications can bypass the Android system and obtain privacy-sensitive information through control flows. We propose an enhancement of dynamic taint analysis that propagates taint along control dependencies by using static analysis in embedded systems such as the Google Android operating system. With this new approach, it becomes possible to protect sensitive information and detect most types of software exploits without reporting too many false positives.
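The gap the abstract describes, as an added example that is not code from the paper: a toy taint tracker run once with explicit (data-flow) propagation only and once with control-dependency propagation. The mini-language, the names `assigned_vars`, `run`, `LEAK` and `analyse`, and the rule of tainting every variable written in either branch of a tainted conditional are assumptions made for illustration.

```python
# Constructed mini-language: each statement is a tuple.
#   ("set", dst, srcs, fn)         dst = fn(*values of srcs)
#   ("if", cond_var, then, else_)  branch on truthiness of cond_var

def assigned_vars(block):
    """Static pass: every variable a block may write, on any path."""
    out = set()
    for stmt in block:
        if stmt[0] == "set":
            out.add(stmt[1])
        else:
            out |= assigned_vars(stmt[2]) | assigned_vars(stmt[3])
    return out

def run(block, env, taint, track_control, ctx=False):
    """Dynamic pass: execute block and update the taint flags in `taint`.
    ctx is True while executing under a tainted condition."""
    for stmt in block:
        if stmt[0] == "set":
            _, dst, srcs, fn = stmt
            env[dst] = fn(*(env[s] for s in srcs))
            # Explicit flow: dst inherits taint from its data sources.
            taint[dst] = any(taint.get(s, False) for s in srcs) or ctx
        else:
            _, cond, then, else_ = stmt
            inner = ctx or (track_control and taint.get(cond, False))
            if inner:
                # Implicit flow: taint writes of BOTH branches, since the
                # untaken branch also reveals the value of the condition.
                for v in assigned_vars(then) | assigned_vars(else_):
                    taint[v] = True
            run(then if env[cond] else else_, env, taint, track_control, inner)
    return taint

# Constructed leak: x ends up equal to secret without any data flow.
LEAK = [
    ("set", "x", [], lambda: 0),
    ("if", "secret", [("set", "x", [], lambda: 1)], []),
]

def analyse(secret_value, track_control):
    """Return (value of x, taint flag of x) after running LEAK."""
    env = {"secret": secret_value}
    taint = run(LEAK, env, {"secret": True}, track_control)
    return env["x"], taint["x"]
```

With `track_control=False` the copy of `secret` in `x` is never tainted; with `track_control=True` it is tainted even when `secret` is 0 and the assignment inside the branch never executes, which is the case a purely dynamic tracker cannot see.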
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Graa, M., Cuppens-Boulahia, N., Cuppens, F., Cavalli, A. (2012). Detecting Control Flow in Smarphones: Combining Static and Dynamic Analyses. In: Xiang, Y., Lopez, J., Kuo, CC.J., Zhou, W. (eds) Cyberspace Safety and Security. CSS 2012. Lecture Notes in Computer Science, vol 7672. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35362-8_4
DOI: https://doi.org/10.1007/978-3-642-35362-8_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35361-1
Online ISBN: 978-3-642-35362-8
eBook Packages: Computer Science, Computer Science (R0)