Scaling Application-Level Dynamic Taint Analysis to Enterprise-Scale Distributed Systems

Title: Scaling Application-Level Dynamic Taint Analysis to Enterprise-Scale Distributed Systems
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Fu, Xiaoqin, Cai, Haipeng
Conference Name: 2020 IEEE/ACM 42nd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion)
Keywords: Complexity theory, composability, Distributed Systems, dynamic taint analysis, faces, Metrics, new bugs, pubcrawl, Scalability, software engineering, software tools, static analysis, taint analysis, Tools
Abstract: With the increasing deployment of enterprise-scale distributed systems, effective and practical defenses for such systems against various security vulnerabilities such as sensitive data leaks are urgently needed. However, most existing solutions are limited to centralized programs. For real-world distributed systems which are of large scales, current solutions commonly face one or more of scalability, applicability, and portability challenges. To overcome these challenges, we develop a novel dynamic taint analysis for enterprise-scale distributed systems. To achieve scalability, we use a multi-phase analysis strategy to reduce the overall cost. We infer implicit dependencies via partial-ordering method events in distributed programs to address the applicability challenge. To achieve greater portability, the analysis is designed to work at an application level without customizing platforms. Empirical results have shown promising scalability and capabilities of our approach.
Citation Key: fu_scaling_2020