SNITCH: Dynamic Dependent Information Flow Analysis for Independent Java   Bytecode

Eduardo Geraldo (NOVA LINCS - Faculdade de Ci\^encias e Tecnologia da; Universidade Nova de Lisboa); Jo\~ao Costa Seco (NOVA LINCS - Faculdade de; Ci\^encias e Tecnologia da Universidade Nova de Lisboa)

arXiv:1908.10041·cs.SE·August 28, 2019·VORTEX@ECOOP/ISSTA

SNITCH: Dynamic Dependent Information Flow Analysis for Independent Java Bytecode

Eduardo Geraldo (NOVA LINCS - Faculdade de Ci\^encias e Tecnologia da, Universidade Nova de Lisboa), Jo\~ao Costa Seco (NOVA LINCS - Faculdade de, Ci\^encias e Tecnologia da Universidade Nova de Lisboa)

PDF

Open Access

TL;DR

SNITCH introduces a dynamic, context-aware information flow analysis tool for Java bytecode, enabling fine-grained security policy enforcement and leak detection through runtime-dependent security labels.

Contribution

It proposes a novel approach using dependent security labels and code instrumentation for dynamic information flow control in Java applications.

Findings

01

Developed a specification and instrumentation method for JVM bytecode.

02

Created a prototype tool called SNITCH based on the SOOT framework.

03

Demonstrated the approach with an example implementation.

Abstract

Software testing is the most commonly used technique in the industry to certify the correctness of software systems. This includes security properties like access control and data confidentiality. However, information flow control and the detection of information leaks using tests is a demanding task without the use of specialized monitoring and assessment tools. In this paper, we tackle the challenge of dynamically tracking information flow in third-party Java-based applications using dependent information flow control. Dependent security labels increase the expressiveness of traditional information flow control techniques by allowing to parametrize labels with context-related information and allowing for the specification of more detailed and fine-grained policies. Instead of the fixed security lattice used in traditional approaches that defines a fixed set of security compartments,…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsSecurity and Verification in Computing · Advanced Malware Detection Techniques · Network Security and Intrusion Detection