liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
InputTracer: A Data-flow Analysis Tool for Manual Program Comprehension of x86 Binaries
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
2012 (English)In: Proceedings of the 2012 IEEE 12th International Working Conference on Source Code Analysis and Manipulation / [ed] Juan E. Guerrero, IEEE , 2012, 138-143 p.Conference paper, Published paper (Refereed)
Abstract [en]

Third-party security analysis of closed-source programs has become an important part of a defense-in-depth approach to software security for many companies. In the absence of efficient tools, the analysis has generally been performed through manual reverse engineering of the machine code. As reverse engineering is an extremely time-consuming and costly task, much research has been performed to develop more powerful methods for analysis of program binaries. One such popular method is dynamic taint analysis (DTA), which is a type of runtime data-flow analysis, where certain input data is marked as tainted. By tracking the flow of tainted data, DTA can, for instance, be used to determine which computations in a program are affected by a certain part of the input. In this paper we present InputTracer, a tool that utilizes DTA for aiding in manual program comprehension and analysis of unmodified x86 executables running in Linux. A brief overview of dynamic taint analysis is given, followed by a description of the tool and its implementation. We also demonstrate the tool’s ability to provide exact information on the origin of tainted data through a detailed use case, where the tool is used to find the root cause of a memory corruption bug.

Place, publisher, year, edition, pages
IEEE , 2012. 138-143 p.
Keyword [en]
dynamic taint analysis, binary analysis, x86, program comprehension, Valgrind
National Category
Computer Science
Identifiers
URN: urn:nbn:se:liu:diva-80317DOI: 10.1109/SCAM.2012.16ISBN: 978-1-4673-2398-7 (print)OAI: oai:DiVA.org:liu-80317DiVA: diva2:546525
Conference
12th IEEE International Working Conference on Source Code Analysis and Manipulation, Riva del Garda, Trento, Italy, September 23-24, 2012
Available from: 2012-08-23 Created: 2012-08-23 Last updated: 2014-11-10

Open Access in DiVA

No full text

Other links

Publisher's full text

Authority records BETA

Kargén, UlfShahmehri, Nahid

Search in DiVA

By author/editor
Kargén, UlfShahmehri, Nahid
By organisation
Database and information techniquesThe Institute of Technology
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 151 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf