SHRIFT System-Wide HybRid Information Flow Tracking - ICT Systems Security and Privacy Protection
Conference Papers Year : 2015

SHRIFT System-Wide HybRid Information Flow Tracking

Abstract

Using data flow tracking technology, one can observe how data flows from inputs (sources) to outputs (sinks) of a software system. It has been proposed [1] to do runtime data flow tracking at various layers simultaneously (operating system, application, data base, window manager, etc.), and connect the monitors’ observations to exploit semantic information about the layers to make analyses more precise. This has implications on performance—multiple monitors running in parallel—and on methodology—there needs to be one dedicated monitor per layer. We address both aspects of the problem. We replace a runtime monitor at a layer L by its statically computed input-output dependencies. At runtime, these relations are used by monitors at other layers to model flows of data through L, thus allowing cross-layer system-wide tracking. We achieve this in three steps: (1) static analysis of the application at layer L, (2) instrumentation of the application’s source and sink instructions and (3) runtime execution of the instrumented application in combination with monitors at other layers. The result allows for system-wide tracking of data dissemination, across and through multiple applications. We implement our solution at the Java Bytecode level, and connect it to a runtime OS-level monitor. In terms of precision and performance, we outperform binary-level approaches and can exploit high-level semantics.
Fichier principal
Vignette du fichier
337885_1_En_25_Chapter.pdf (477.99 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-01345128 , version 1 (13-07-2016)

Licence

Identifiers

Cite

Enrico Lovat, Alexander Fromm, Martin Mohr, Alexander Pretschner. SHRIFT System-Wide HybRid Information Flow Tracking. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.371-385, ⟨10.1007/978-3-319-18467-8_25⟩. ⟨hal-01345128⟩
94 View
57 Download

Altmetric

Share

More