Lap Chung Lam
Rether Networks Inc.
Stony Brook University
Many software security solutions require accurate tracking of control/data dependencies
among information objects in network applications. While many static
analysis tools have been developed to derive these dependencies at
compile time, they are not very effective in practice, especially for
programs written in languages supporting pointers such as C. This paper presents a general dynamic
information flow tracking framework (called GIFT) for C programs that allows an
application developer to associate application-specific tags with input data,
instruments the application to propagate these tags to all the other data
that are control/data-dependent on them, and invokes
application-specific processing on output data according to their tag values.
To use GIFT, an application developer only needs to implement input and
output proxy functions to tag input data and to perform tag-dependent
processing on output data, respectively.
GIFT features a novel object tagging technique that incurs minimal performance
overhead while maintaining compatibility with legacy library functions.
To demonstrate the usefulness of GIFT, we implement a complete GIFT
application called Aussum, which allows selective sandboxing of network client applications
based on whether their inputs are "tainted" or not. For a set of
computation-intensive test applications, the measured
elapsed time overhead of GIFT is less than 35%.
Keywords: information flow tracking, security, compiler, sandboxing, malicious software
Read Paper (in PDF)