Sciweavers

MICRO
2006
IEEE

LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks

14 years 6 months ago
LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks
Computer security is severely threatened by software vulnerabilities. Prior work shows that information flow tracking (also referred to as taint analysis) is a promising technique to detect a wide range of security attacks. However, current information flow tracking systems are not very practical, because they either require program annotations, source code, non-trivial hardware extensions, or incur prohibitive runtime overheads. This paper proposes a low overhead, software-only information flow tracking system, called LIFT, which minimizes run-time overhead by exploiting dynamic binary instrumentation and optimizations for detecting various types of security attacks without requiring any hardware changes. More specifically, LIFT aggressively eliminates unnecessary dynamic information flow tracking, coalesces information checks, and efficiently switches between target programs and instrumented information flow tracking code. We have implemented LIFT on a dynamic binary instrume...
Feng Qin, Cheng Wang, Zhenmin Li, Ho-Seop Kim, Yua
Added 12 Jun 2010
Updated 12 Jun 2010
Type Conference
Year 2006
Where MICRO
Authors Feng Qin, Cheng Wang, Zhenmin Li, Ho-Seop Kim, Yuanyuan Zhou, Youfeng Wu
Comments (0)