Hyun Il Lim

KIPS Transactions on Computer and Communication Systems, Vol. 2, No. 7, pp. 303-310, Jul. 2013
10.3745/KTCCS.2013.2.7.303,   PDF Download:

Abstract

As the role of software increases in computing environments, issues in software security become more important problems. Dynamic taint analysis is a technique to trace and manage tainted data originated from unreliable source during the execution of a program. This analysis can be applied to software security verification as well as software behavior understanding, testing unexpected errors, or debugging. In the previous reseaeches, they focused only to show the analysis results of dynamic taint analysis, and they did not logically describe propagation process of tainted data and analysis procedures. So, there were difficulties in understanding the analysis procedures or applying to other analysis. In this paper, by theoretically describing the analysis. In addition, we verify the correctness of the proposed model by implementing an analyzer, and show that propagation of tainted data can be traced by the model. The proposed model can be applied to understand the analysis procedures of data flows in dynamic taint analysis, and can be used as an base knowledge for designing and implementing analysis method, which applies such analysis method.

Statistics
Cite this article