Title: Sensitive data tracking using dynamic taint analysis
Abstract: A system and method for tracking sensitive data uses dynamic taint analysis to track sensitive data as the data flows through a target application running on a computer system. In general, the system and method for tracking sensitive data marks data as tainted when the data input to the target application is indicated as sensitive. The system and method may then track the propagation of the tainted data as the data is read from and written to memory by the target application to detect if the tainted data is output from the application (e.g., leaked). Dynamic binary translation may be used to provide binary instrumentation of the target application for dynamic taint analysis to track propagation of the tainted data at the instruction level and/or the function level. Of course, many alternatives, variations, and modifications are possible without departing from this embodiment.
Publication number: US8893280(B2)    Publication date: 2014.11.18
Application number: US200912638377    Filing date: 2009.12.15
Applicant: Intel Corporation    Inventors: Jung Jaeyeon; Zhu Yu
Classification: G06F21/00    Main classification: G06F21/00
Agent (firm): Grossman, Tucker, Perreault & Pfleger    Agent: Grossman, Tucker, Perreault & Pfleger
Main claim: 1. A method of tracking sensitive data through a target application running on a computer system, the method comprising: upon loading a target application for execution by a computer system, initiating function-level instrumentation including monitoring input data received on at least one input channel of the computer system for a sensitive data indicator; marking the input data associated with the sensitive data indicator as tainted data when the input data is provided to the target application; upon receipt of the tainted data at said computer system, initiating tracking propagation of the tainted data as the target application executes and the tainted data is read from and written to memory locations in the computer system, wherein tracking propagation of the tainted data comprises performing instrumentation of the target application instructions and functions such that the tainted data is tracked as instructions of the target application are executed; and monitoring at least one output channel of the computer system to determine if the tainted data is propagated to the at least one output channel.
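The instruction-level tracking that the abstract and claim 1 describe, as an added example that is not code from the patent or from Intel: a hypothetical tagged-value mini-VM (its opcodes, register names and the sample program are constructed for illustration) that marks a value tainted only when the input carries the sensitive indicator, propagates the taint bit through loads, stores and arithmetic, and records a leak when a tainted value reaches the output channel.

```python
from dataclasses import dataclass, field


@dataclass
class TaintVM:
    """Toy taint-tracking interpreter: every register and memory cell
    holds a (value, tainted) pair, so taint travels with the data."""
    regs: dict = field(default_factory=lambda: {r: (0, False) for r in "abcd"})
    mem: dict = field(default_factory=dict)
    leaks: list = field(default_factory=list)   # (pc, register, value) records

    def run(self, program, inputs):
        """inputs: (value, sensitive_indicator) pairs consumed by INPUT in order."""
        inputs = list(inputs)
        for pc, (op, *args) in enumerate(program):
            if op == "INPUT":    # input channel: taint iff the sensitive indicator is set
                val, sensitive = inputs.pop(0)
                self.regs[args[0]] = (val, sensitive)
            elif op == "LOAD":   # memory -> register carries the stored taint bit
                self.regs[args[0]] = self.mem.get(args[1], (0, False))
            elif op == "STORE":  # register -> memory carries the taint bit
                self.mem[args[0]] = self.regs[args[1]]
            elif op == "ADD":    # result is tainted if either operand was
                (v1, t1), (v2, t2) = self.regs[args[0]], self.regs[args[1]]
                self.regs[args[0]] = ((v1 + v2) & 0xFFFFFFFF, t1 or t2)
            elif op == "XOR":    # `xor r, r` is a constant zero: taint is cleared
                (v1, t1), (v2, t2) = self.regs[args[0]], self.regs[args[1]]
                same = args[0] == args[1]
                self.regs[args[0]] = (v1 ^ v2, False if same else (t1 or t2))
            elif op == "OUTPUT":  # output channel: a tainted value here is a leak
                val, tainted = self.regs[args[0]]
                if tainted:
                    self.leaks.append((pc, args[0], val))
            else:
                raise ValueError(f"unknown op {op!r} at pc={pc}")
        return self.leaks


def demo():
    program = [                  # constructed sample program
        ("INPUT", "a"),          # e.g. a password field (sensitive)
        ("INPUT", "b"),          # e.g. a username (not sensitive)
        ("STORE", 0x100, "a"),   # taint follows the value into memory
        ("LOAD", "c", 0x100),    # and back out again
        ("ADD", "c", "b"),       # a value derived from tainted data stays tainted
        ("OUTPUT", "c"),         # leak detected here (pc 5)
        ("XOR", "a", "a"),       # zeroing idiom clears the register and its taint
        ("OUTPUT", "a"),         # no leak
        ("OUTPUT", "b"),         # no leak
    ]
    return TaintVM().run(program, [(0x1234, True), (42, False)])
```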
Address: Santa Clara CA US