Anomalous Taint Detection ( Extended Abstract ) ⋆
نویسندگان
چکیده
We propose anomalous taint detection, an approach that combines fine-grained taint tracking with learning-based anomaly detection. Anomaly detection is used to identify behavioral deviations that manifest when vulnerabilities are exercised. Fine-grained taint-tracking is used to target the anomaly detector on those aspects of program behavior that can be controlled by an attacker. Our preliminary results indicate that the combination increases detection accuracy over either technique, and promises to offer better resistance to mimicry attacks.
منابع مشابه
Anomalous Taint Detection
Software security has become an increasing necessity for guaranteeing, as much as possible, the correctness of computer systems. A number of techniques have been developed over the past two decades to mitigate software vulnerabilities. Learning-based anomaly detection techniques have been pursued for many years due to their ability to detect a broad range of attacks, including novel attacks. Mo...
متن کاملSOA Web Security and Applications
The conventional vulnerability detection fails to extend its generic form to an abstract level in coping with particular type of string validation. Consequently the security bypasses key issues such as Java scripting and SQL injection. It causes tremendous business loss and customers risk due to taint distribution and illegal data manipulation. This paper introduces semantic analysis by using m...
متن کاملWhole-system Fine-grained Taint Analysis for Automatic Malware Detection and Analysis
As malware is becoming increasingly sophisticated and stealthy, effective techniques for malware detection and analysis are imperative. Previous detection mechanisms are insufficient. Signature-based detection cannot detect new malware, and watch-point based behavioral detection can be evaded by stealthier design. Most previous analysis mechanisms are too coarse-grained to capture malware behav...
متن کاملInvestigation of taint analysis for Smartphone-implicit taint detection and privacy leakage detection
Today’s Smartphone operating systems frequently fail to provide users with adequate control and visibility into how the third-party applications use their private data. With TaintDroid realized on Android system, we can detect user’s implicit taint and privacy leakage. But TaintDroid has some inherent defects. To better detect user’s implicit taint and privacy leakage in the Android platform, t...
متن کاملA taint marking approach to confidentiality violation detection
This article presents a novel approach to confidentiality violation detection based on taint marking. Information flows are dynamically tracked between applications and objects of the operating system such as files, processes and sockets. A confidentiality policy is defined by labelling sensitive information and defining which information may leave the local system through network exchanges. Fu...
متن کامل