Skip to main content

SandTrap: Tracking information flows on demand with parallel permissions

Publication ,  Conference
Razeen, A; Meijer, A; Lebeck, AR; Pistol, V; Liu, DH; Cox, LP
Published in: MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services
June 10, 2018

The most promising way to improve the performance of dynamic information-flow tracking (DIFT) for machine code is to only track instructions when they process tainted data. Unfortunately, prior approaches to on-demand DIFT are a poor match for modern mobile platforms that rely heavily on parallelism to provide good interactivity in the face of computationally intensive tasks like image processing. The main shortcoming of these prior efforts is that they cannot support an arbitrary mix of parallel threads due to the limitations of page protections. In this paper, we identify parallel permissions as a key requirement for multithreaded, on-demand native DIFT, and we describe the design and implementation of a system called SandTrap that embodies this approach. Using our prototype implementation, we demonstrate that SandTrap’s native DIFT overhead is proportional to the amount of tainted data that native code processes. For example, in the photo-sharing app Instagram, SandTrap’s performance is close to baseline (1x) when the app does not access tainted data. When it does, SandTrap imposes a slowdown comparable to prior DIFT systems (∼8x).

Duke Scholars

Published In

MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services

DOI

Publication Date

June 10, 2018

Start / End Page

230 / 242
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Razeen, A., Meijer, A., Lebeck, A. R., Pistol, V., Liu, D. H., & Cox, L. P. (2018). SandTrap: Tracking information flows on demand with parallel permissions. In MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services (pp. 230–242). https://doi.org/10.1145/3210240.3210321
Razeen, A., A. Meijer, A. R. Lebeck, V. Pistol, D. H. Liu, and L. P. Cox. “SandTrap: Tracking information flows on demand with parallel permissions.” In MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services, 230–42, 2018. https://doi.org/10.1145/3210240.3210321.
Razeen A, Meijer A, Lebeck AR, Pistol V, Liu DH, Cox LP. SandTrap: Tracking information flows on demand with parallel permissions. In: MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services. 2018. p. 230–42.
Razeen, A., et al. “SandTrap: Tracking information flows on demand with parallel permissions.” MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services, 2018, pp. 230–42. Scopus, doi:10.1145/3210240.3210321.
Razeen A, Meijer A, Lebeck AR, Pistol V, Liu DH, Cox LP. SandTrap: Tracking information flows on demand with parallel permissions. MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services. 2018. p. 230–242.

Published In

MobiSys 2018 - Proceedings of the 16th ACM International Conference on Mobile Systems, Applications, and Services

DOI

Publication Date

June 10, 2018

Start / End Page

230 / 242