Overview
Explore a cutting-edge approach to dynamic information-flow tracking (DIFT) in this IEEE Symposium on Security & Privacy presentation. Dive into the innovative Iodine system, which employs a novel optimistic hybrid analysis to significantly reduce DIFT overhead while maintaining sound results. Learn how this method combines predicated whole-program static taint analysis with likely invariants from profiles to improve precision. Understand the challenges of optimizing live executions and discover how Iodine eliminates the need for rollbacks during recovery. Examine the components, applications, and key insights of this system, including dynamic monitoring, sound static analysis, and optimistic hybrid analysis. Gain valuable knowledge about the implementation, evaluation, and profiling methodology used in Iodine, which reduces DIFT overhead to just 9% - a 4.4x improvement over traditional hybrid analysis. Enhance your understanding of advanced security policy enforcement techniques applicable to live systems.
Syllabus
Intro
Taint Tracking
Components
Applications
Dynamic Monitoring
Sound Static Analysis
Optimistic Hybrid Analysis
Optimistic Hybrid Analysis Overview
Dynamic Invariant Validation
Recovering Analysis
Bounding Analysis
Summary
Metadata State
Key Insight
Implementation
Evaluation
Generic Policy
Profiling Methodology
Conclusion
Un unbounded rollbacks
Questions
Comments
Taught by
IEEE Symposium on Security and Privacy