摘要 |
A system and method for tracking sensitive data uses dynamic taint analysis to track sensitive data as the data flows through a target application running on a computer system. In general, the system and method for tracking sensitive data marks data as tainted when the data input to the target application is indicated as sensitive. The system and method may then track the propagation of the tainted data as the data is read from and written to memory by the target application to detect if the tainted data is output from the application (e.g., leaked). Dynamic binary translation may be used to provide binary instrumentation of the target application for dynamic taint analysis to track propagation of the tainted data at the instruction level and/or the function level. Of course, many alternatives, variations, and modifications are possible without departing from this embodiment. |