IEICE Trans. Inf. & Syst.
 2009
DOI: 10.1587/transinf.e92.d.548
|View full text |Cite
|
Sign up to set email alerts
|

On the Deployment of Dynamic Taint Analysis for Application Communities

Hyung Chan Kim
1
,
Angelos D. Keromytis
2

Abstract: SUMMARYAlthough software-attack detection via dynamic taint analysis (DTA) supports high coverage of program execution, it prohibitively degrades the performance of the monitored program. This letter explores the possibility of collaborative dynamic taint analysis among members of an application community (AC): instead of full monitoring for every request at every instance of the AC, each member uses DTA for some fraction of the incoming requests, thereby loosening the burden of heavyweight monitoring. Our exp… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
1
0

Year Published

2011
2011
2019
2019

Publication Types

Select...
3
1

Relationship

0
4

Authors

Journals

citations
Cited by 4 publications
(1 citation statement)
references
References 11 publications
0
1
0
Order By: Relevance
“…When source code is available, we will insert the instrumentation through source-code transformations [16], [17]. Otherwise, we will inject our instrumentation in program binaries using the PIN binary rewriting tool (which is neither as efficient nor as effective, due to the various challenges in working with binaries) [18], [4]. The specific vulnerability types we are protecting against include number handling, error handling, concurrency handling, memory safety errors (e.g., buffer overflows/underflows), null pointer and tainted data/input validation errors.…”
Section: Research Directionmentioning
confidence: 99%

The MINESTRONE Architecture Combining Static and Dynamic Analysis Techniques for Software Security

Keromytis1,
Stolfo2,
Yang3
et al. 2011
2011 First SysSec Workshop
4
0
3
0
View full textAdd to dashboardCite
“…When source code is available, we will insert the instrumentation through source-code transformations [16], [17]. Otherwise, we will inject our instrumentation in program binaries using the PIN binary rewriting tool (which is neither as efficient nor as effective, due to the various challenges in working with binaries) [18], [4]. The specific vulnerability types we are protecting against include number handling, error handling, concurrency handling, memory safety errors (e.g., buffer overflows/underflows), null pointer and tainted data/input validation errors.…”
Section: Research Directionmentioning
confidence: 99%

The MINESTRONE Architecture Combining Static and Dynamic Analysis Techniques for Software Security

Keromytis1,
Stolfo2,
Yang3
et al. 2011
2011 First SysSec Workshop
4
0
3
0
View full textAdd to dashboardCite

Practical Dynamic Taint Tracking for Exploiting Input Sanitization Error in Java Applications

Ashouri
1
2019
Lecture Notes in Computer Science
5
0
1
0
View full textAdd to dashboardCite

Survey of Dynamic Taint Propagation for Binary Code

Qu1,
Ren
2
,
Zhao3
et al. 2011
2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control
1
0
0
0
View full textAdd to dashboardCite
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2025 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.