Abstract | ||
---|---|---|
Taint-tracking is emerging as a general technique in software security to complement virtualization and static analysis. It has been applied for accurate detection of a wide range of attacks on benign software, as well as in malware defense. Although it is quite robust for tackling the former problem, application of taint analysis to untrusted (and potentially malicious) software is riddled with several difficulties that lead to gaping holes in defense. These holes arise not only due to the limitations of information flow analysis techniques, but also the nature of today's software architectures and distribution models. This paper highlights these problems using an array of simple but powerful evasion techniques that can easily defeat taint-tracking defenses. Given today's binary-based software distribution and deployment models, our results suggest that information flow techniques will be of limited use against future malware that has been designed with the intent of evading these defenses. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1007/978-3-540-70542-0_8 | DIMVA |
Keywords | Field | DocType |
malware analysis,information flow technique,future malware,information flow analysis technique,information flow techniques,benign software,software security,taint analysis,distribution model,software architecture,binary-based software distribution,static analysis,information flow | Cryptovirology,Software deployment,Computer security,Software security assurance,Computer science,Software,Taint checking,Malware,Software distribution,Malware analysis,Distributed computing | Conference |
Volume | ISSN | Citations |
5137 | 0302-9743 | 64 |
PageRank | References | Authors |
3.24 | 28 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Lorenzo Cavallaro | 1 | 886 | 52.85 |
Prateek Saxena | 2 | 1915 | 97.73 |
R. C. Sekar | 3 | 2328 | 168.76 |