Dynamic binary analyzer for scanning vulnerabilities with taint analysis

Published: 01 April 2015

Abstract

In this paper, we present an overview of a dynamic binary analyzer that scans for vulnerabilities by performing taint analysis. People have traditionally relied on security programs based on pattern matching, such as anti-virus and anti-spyware, to protect their computers from malicious code. These programs, however, cannot fully detect malicious behavior that attacks through unknown vulnerabilities, and they struggle to protect against attacks that use self-modifying code, which changes its own code at runtime. To address these security risks, we develop a dynamic binary analyzer that can find such unknown vulnerabilities and self-modifying code. We adopt taint analysis to find vulnerabilities that arise at runtime. Taint analysis also lets us check what effects the input data has had on programs and how they spread across the resources in an operating system. Because the dynamic analysis runs and analyzes the system only inside a virtual machine environment provided by an emulator, we can detect tampering with program code while the program is executing. We describe the framework of our analyzer and then explain the execution process and the output of each step using three test case demonstrations. Furthermore, we introduce several security vulnerability test cases for the demonstration and explain the results of the proposed analyzer on them. The dynamic binary analyzer for scanning vulnerabilities with taint analysis (1) can find existing security vulnerabilities in a binary file, (2) can monitor all actions of the binary file that affect the operating system and (3) can be extended with additional security elements and policies.

Published In

Multimedia Tools and Applications, Volume 74, Issue 7
April 2015
352 pages

Publisher

Kluwer Academic Publishers
United States

Author Tags

1. Binary analysis
2. Dynamic analysis
3. Taint analysis
4. Vulnerability
