Overview
Explore an innovative approach to dynamic taint analysis (DTA) using neural networks in this IEEE conference talk. Delve into the limitations of traditional rule-based DTA and discover how Neutaint offers a more efficient method for tracking taint information. Learn about data collection techniques, influence analysis through gradient computation, and the evaluation process. Examine case studies on overtaint and runtime overhead, and understand the application of this technology in exploit analysis and fuzzing. Investigate the performance of different ML models and the impact of training data on information loss. Gain insights into this cutting-edge technique that promises to revolutionize dynamic taint analysis in the field of computer security.
Syllabus
Intro
Dynamic taint analysis (DTA)
Limitations of traditional rule-based DTA
A motivating example: taint propagation
A motivating example: neural program embedding
Neutaint: a new way to track taint information
Data collection
Influence analysis by gradient computation
Evaluation
Hot byte accuracy, runtime
Case study: overtaint
Case study: runtime overhead
Exploit analysis
Fuzzing
Performance on different ML models
Effect of training data on information loss
Taught by
IEEE Symposium on Security and Privacy