Multi-language dynamic taint analysis in a polyglot virtual machine

Kreindl, Jacob; Bonetta, Daniele; Leopoldseder, David; Mössenböck, Hanspeter

doi:10.1145/3426182.3426184

Cited by 13 publications

(3 citation statements)

References 56 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…SecV bridges this gap with a language-agnostic taint tracking approach. TruffleTaint [21] leverages the Truffle framework to provide a language-agnostic platform to build dynamic taint analysis applications. While we leverage very similar instrumentation techniques, we provide a novel way to specify sensitive values through the introduction of secure AST nodes, and leverage these to partition code for the enclave runtime in a language-agnostic fashion.…”

Section: Related Workmentioning

confidence: 99%

SecV

Yuhala,

Felber,

Guiroux

et al. 2023

Proceedings of the 24th International Middleware Conference on ZZZ

View full text Add to dashboard Cite

Trusted execution environments like Intel SGX provide enclaves, which offer strong security guarantees for applications. Running entire applications inside enclaves is possible, but this approach leads to a large trusted computing base (TCB). As such, various tools have been developed to partition programs written in languages such as C or Java into trusted and untrusted parts, which are run in and out of enclaves respectively. However, those tools depend on language-specific taint-analysis and partitioning techniques. They cannot be reused for other languages and there is thus a need for tools that transcend this language barrier.We address this challenge by proposing a multi-language technique to specify sensitive code or data, as well as a multilanguage tool to analyse and partition the resulting programs for trusted execution environments like Intel SGX. We leverage GraalVM's Truffle framework, which provides a language-agnostic abstract syntax tree (AST) representation for programs, to provide special AST nodes called secure nodes that encapsulate sensitive program information. Secure nodes can easily be embedded into the ASTs of a wide range of languages via Truffle's polyglot API. Our technique includes a multi-language dynamic taint tracking tool to analyse and partition applications based on our generic secure nodes. Our extensive evaluation with microand macro-benchmarks shows that we can use our technique for two languages (Javascript and Python), and that partitioned programs can obtain up to 14.5% performance improvement as compared to unpartitioned versions.CCS Concepts: • Security and privacy → Trusted computing; • Software and its engineering → Object oriented frameworks.

show abstract

Section: Related Workmentioning

confidence: 99%

SecV

Yuhala,

Felber,

Guiroux

et al. 2023

Proceedings of the 24th International Middleware Conference on ZZZ

View full text Add to dashboard Cite

show abstract

“…The Truffle framework provides an API to dynamically intercept the execution of nodes in the AST [15,58,62]. This API was used to implement a program profiler [27], a debugger [33], and a taint-tracking tool [21]. In PolyTaint, we leverage this API to implement our partitioning tool.…”

Section: Graalvmmentioning

confidence: 99%

“…SecV bridges this gap with a languageagnostic taint tracking approach. TruffleTaint [21] leverages the Truffle framework to provide a language-agnostic platform to build dynamic taint analysis applications. While we leverage very similar instrumentation techniques, we provide a novel way to specify sensitive values through the introduction of secure AST nodes, and leverage these to partition code for the enclave runtime in a language-agnostic fashion.…”

Section: Related Workmentioning

confidence: 99%

Montsalvat

Yuhala

Ménétrey

Felber

et al. 2021

Proceedings of the 22nd International Middleware Conference

View full text Add to dashboard Cite

The popularity of the Java programming language has led to its wide adoption in cloud computing infrastructures. However, Java applications running in untrusted clouds are vulnerable to various forms of privileged attacks. The emergence of trusted execution environments (TEEs) such as Intel SGX mitigates this problem. TEEs protect code and data in secure enclaves inaccessible to untrusted software, including the kernel and hypervisors. To efficiently use TEEs, developers must manually partition their applications into trusted and untrusted parts, in order to reduce the size of the trusted computing base (TCB) and minimise the risks of security vulnerabilities. However, partitioning applications poses two important challenges: (i) ensuring efficient object communication between the partitioned components, and (ii) ensuring the consistency of garbage collection between the parts, especially with memory-managed languages such as Java. We present Montsalvat, a tool which provides a practical and intuitive annotation-based partitioning approach for Java applications destined for secure enclaves. Montsalvat provides an RMI-like mechanism to ensure inter-object communication, as well as consistent garbage collection across the partitioned components. We implement Montsalvat with GraalVM native-image, a tool for compiling Java applications ahead-of-time into standalone native executables that do not require a JVM at runtime. Our extensive evaluation with micro-and macro-benchmarks shows our partitioning approach to boost performance in real-world applications up to 6.6× (PalDB) and 2.2× (GraphChi) as compared to solutions that naively include the entire applications in the enclave.

show abstract