A Low-Overhead, Value-Tracking Approach to Information Flow Security

  • Kostyantyn Vorobyov
  • Padmanabhan Krishnan
  • Phil Stocks
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7504)

Abstract

We present a hybrid approach to information flow security where security violations are detected at execution time. We track secure values and secure locations at run time to prevent problems such as password disclosure in C programs. This analysis is safe in the presence of pointer aliasing. Such problems are hard to solve using static analysis (or lead to many false positives). Our technique works on programs with annotations that identify values and locations that need to be secure. We instrument the annotated program with statements that capture relevant information flow with assertions that detect any violation. This instrumentation does not interfere with the safe assignment of values to variables in the program. The instrumented assertions are invoked only when relevant values or locations are involved. We demonstrate the applicability of our approach by analysing various Linux utilities such as su, sudo, passwd, ftp and ssh. Our experiments show that for safe executions the overhead introduced by our instrumentation is, on average, less than 1%.

Keywords

Information flow Program instrumentation Assertion generation Monitoring 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    clang: a C language family frontend for LLVM (March 2012), http://clang.llvm.org
  2. 2.
    Austin, T.H., Flanagan, C.: Efficient purely-dynamic information flow analysis. In: Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security, PLAS 2009, pp. 113–124. ACM (2009)Google Scholar
  3. 3.
    Lattner, C., Adve, V.: LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. In: Proceedings of the 2004 International Symposium on Code Generation and Optimization, Palo Alto, California (March 2004)Google Scholar
  4. 4.
    Le Guernic, G., Banerjee, A., Jensen, T.P., Schmidt, D.A.: Automata-Based Confidentiality Monitoring. In: Okada, M., Satoh, I. (eds.) ASIAN 2006. LNCS, vol. 4435, pp. 75–89. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Levenshtein, V.I.: Binary codes capable of correcting deletions, insertions and reversals. Soviet Physics Doklady 10(8), 707–710 (1966)MathSciNetGoogle Scholar
  6. 6.
    Ma, W., Campbell, J., Tran, D., Kleeman, D.: Password entropy and password quality. In: International Conference on Network and System Security, pp. 583–587 (2010)Google Scholar
  7. 7.
    Magazinius, J., Russo, A., Sabelfeld, A.: On-the-fly Inlining of Dynamic Security Monitors. In: Rannenberg, K., Varadharajan, V., Weber, C. (eds.) SEC 2010. IFIP AICT, vol. 330, pp. 173–186. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Qin, F., Wang, C., Li, Z., Kim, H., Zhou, Y., Wu, Y.: Lift: A low-overhead practical information flow tracking system for detecting security attacks. In: 39th Annual IEEE/ACM International Symposium on Microarchitecture, Orlando, Florida, USA, pp. 135–148 (December 2006)Google Scholar
  9. 9.
    Russo, A., Sabelfeld, A.: Dynamic vs. static flow-sensitive security analysis. In: Proceedings of the 23rd IEEE Computer Security Foundations Symposium, CSF 2010, pp. 186–199. IEEE (2010)Google Scholar
  10. 10.
    Sabelfeld, A., Myers, A.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications 21(1), 5–19 (2003)CrossRefGoogle Scholar
  11. 11.
    Shroff, P., Smith, S.F., Thober, M.: Dynamic dependency monitoring to secure information flow. In: Proceedings of the 20th IEEE Computer Security Foundations Symposium, CSF 2007, pp. 203–217. IEEE (2007)Google Scholar
  12. 12.
    Smith, G.: Principles of secure information flow analysis. In: Christodorescu, M., Jha, S., Maughan, D., Song, D., Wang, C. (eds.) Malware Detection, Advances in Information Security, vol. 27, pp. 291–307. Springer US (2007)Google Scholar
  13. 13.
    Winskel, G.: The formal semantics of programming languages - an introduction. Foundation of computing series. MIT Press (1993)Google Scholar
  14. 14.
    Yip, A., Wang, X., Zeldovich, N., Kaashoek, M.F.: Improving application security with data flow assertions. In: Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles, SOSP 2009, pp. 291–304. ACM (2009)Google Scholar
  15. 15.
    Yu, J., Zhang, S., Liu, P., Li, Z.: Leakprober: a framework for profiling sensitive data leakage paths. In: Proceedings of the 1st ACM Conference on Data and Application Security and Privacy, CODASPY 2011, pp. 75–84. ACM, New York (2011)Google Scholar
  16. 16.
    Zheng, L., Myers, A.C.: Dynamic security labels and static information flow control. International Journal of Information Security 6(2-3), 67–84 (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Kostyantyn Vorobyov
    • 1
  • Padmanabhan Krishnan
    • 1
  • Phil Stocks
    • 1
  1. 1.Centre for Software AssuranceBond UniversityGold CoastAustralia

Personalised recommendations