{"id":2694,"date":"2017-09-08T03:41:12","date_gmt":"2017-09-08T03:41:12","guid":{"rendered":"https:\/\/www.ndss-symposium.org\/?page_id=2694"},"modified":"2024-03-07T09:58:01","modified_gmt":"2024-03-07T09:58:01","slug":"dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity","status":"publish","type":"page","link":"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/","title":{"rendered":"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software"},"content":{"rendered":"\n<p><strong>James Newsome and Dawn Song (Carnegie Mellon University)<\/strong><\/p>\n\n\n\n<p>Software vulnerabilities have had a devastating effect on the Internet. Worms such as CodeRed and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage [25, 42]. To successfully combat these fast automatic Internet attacks, we need fast automatic attack detection and filtering mechanisms.<\/p>\n\n\n\n<p>In this paper we propose dynamic taint analysis for automatic detection of overwrite attacks, which include most types of exploits. This approach does not need source code or special compilation for the monitored program, and hence works on commodity software. To demonstrate this idea, we have implemented TaintCheck, a mechanism that can perform dynamic taint analysis by performing binary rewriting at run time. We show that TaintCheck reliably detects most types of exploits. We found that TaintCheck produced no false positives for any of the many different programs that we tested. Further, we describe how TaintCheck could improve automatic signature generation in several ways.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button\"><a class=\"wp-block-button__link has-white-color has-text-color has-link-color wp-element-button\" href=\"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/2017\/09\/Dynamic-Taint-Analysis-for-Automatic-Detection-Analysis-and-SignatureGeneration-of-Exploits-on-Commodity-Software-Dawn-Song.pdf\">Paper<\/a><\/div>\n<\/div>\n\n\n\n<div style=\"height:40px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p><strong>Date: <\/strong>3 Feb 2005<\/p>\n\n\n\n<p><strong>Associated Event: <\/strong><a href=\"http:\/\/www.ndss-symposium.org\/ndss2005\">NDSS Symposium 2005<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>James Newsome and Dawn Song (Carnegie Mellon University) Software vulnerabilities have had a devastating effect on the Internet. Worms such as CodeRed and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage [25, 42]. To successfully combat these fast automatic Internet attacks, we need &hellip; <a href=\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/\">Continued<\/a><\/p>\n","protected":false},"author":237,"featured_media":0,"parent":1248,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"advgb_blocks_editor_width":"","advgb_blocks_columns_visual_guide":"","footnotes":""},"categories":[],"tags":[95],"class_list":["post-2694","page","type-page","status-publish","hentry","tag-ndss-2005-papers"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software - NDSS Symposium<\/title>\n<meta name=\"description\" content=\"This paper introduces dynamic taint analysis, a new approach for the automatic detection, analysis, and signature generation of exploits on commodity software.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software - NDSS Symposium\" \/>\n<meta property=\"og:description\" content=\"This paper introduces dynamic taint analysis, a new approach for the automatic detection, analysis, and signature generation of exploits on commodity software.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/\" \/>\n<meta property=\"og:site_name\" content=\"NDSS Symposium\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NDSSSymposium\/\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-07T09:58:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"815\" \/>\n\t<meta property=\"og:image:height\" content=\"345\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@NDSSSymposium\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/\",\"url\":\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/\",\"name\":\"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software - NDSS Symposium\",\"isPartOf\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/#website\"},\"datePublished\":\"2017-09-08T03:41:12+00:00\",\"dateModified\":\"2024-03-07T09:58:01+00:00\",\"description\":\"This paper introduces dynamic taint analysis, a new approach for the automatic detection, analysis, and signature generation of exploits on commodity software.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.ndss-symposium.org\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NDSS Symposium 2005\",\"item\":\"https:\/\/www.ndss-symposium.org\/ndss2005\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ndss-symposium.org\/#website\",\"url\":\"https:\/\/www.ndss-symposium.org\/\",\"name\":\"NDSS Symposium\",\"description\":\"The Network and Distributed System Security (NDSS) Symposium\",\"publisher\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ndss-symposium.org\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.ndss-symposium.org\/#organization\",\"name\":\"NDSS Symposium\",\"url\":\"https:\/\/www.ndss-symposium.org\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg\",\"contentUrl\":\"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg\",\"width\":815,\"height\":345,\"caption\":\"NDSS Symposium\"},\"image\":{\"@id\":\"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NDSSSymposium\/\",\"https:\/\/x.com\/NDSSSymposium\",\"https:\/\/www.linkedin.com\/company\/network-and-distributed-system-symposium-ndss-\/\",\"https:\/\/www.youtube.com\/ndsssymposium\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software - NDSS Symposium","description":"This paper introduces dynamic taint analysis, a new approach for the automatic detection, analysis, and signature generation of exploits on commodity software.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/","og_locale":"en_US","og_type":"article","og_title":"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software - NDSS Symposium","og_description":"This paper introduces dynamic taint analysis, a new approach for the automatic detection, analysis, and signature generation of exploits on commodity software.","og_url":"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/","og_site_name":"NDSS Symposium","article_publisher":"https:\/\/www.facebook.com\/NDSSSymposium\/","article_modified_time":"2024-03-07T09:58:01+00:00","og_image":[{"width":815,"height":345,"url":"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@NDSSSymposium","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/","url":"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/","name":"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software - NDSS Symposium","isPartOf":{"@id":"https:\/\/www.ndss-symposium.org\/#website"},"datePublished":"2017-09-08T03:41:12+00:00","dateModified":"2024-03-07T09:58:01+00:00","description":"This paper introduces dynamic taint analysis, a new approach for the automatic detection, analysis, and signature generation of exploits on commodity software.","breadcrumb":{"@id":"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.ndss-symposium.org\/ndss2005\/dynamic-taint-analysis-automatic-detection-analysis-and-signaturegeneration-exploits-commodity\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ndss-symposium.org\/"},{"@type":"ListItem","position":2,"name":"NDSS Symposium 2005","item":"https:\/\/www.ndss-symposium.org\/ndss2005\/"},{"@type":"ListItem","position":3,"name":"Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software"}]},{"@type":"WebSite","@id":"https:\/\/www.ndss-symposium.org\/#website","url":"https:\/\/www.ndss-symposium.org\/","name":"NDSS Symposium","description":"The Network and Distributed System Security (NDSS) Symposium","publisher":{"@id":"https:\/\/www.ndss-symposium.org\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ndss-symposium.org\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.ndss-symposium.org\/#organization","name":"NDSS Symposium","url":"https:\/\/www.ndss-symposium.org\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/","url":"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg","contentUrl":"https:\/\/www.ndss-symposium.org\/wp-content\/uploads\/NDSS_Logo_RGB.jpg","width":815,"height":345,"caption":"NDSS Symposium"},"image":{"@id":"https:\/\/www.ndss-symposium.org\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NDSSSymposium\/","https:\/\/x.com\/NDSSSymposium","https:\/\/www.linkedin.com\/company\/network-and-distributed-system-symposium-ndss-\/","https:\/\/www.youtube.com\/ndsssymposium"]}]}},"coauthors":[],"author_meta":{"author_link":"https:\/\/www.ndss-symposium.org\/author\/strinekatrbovic\/","display_name":"Ivana Trbovic"},"relative_dates":{"created":"Posted 8 years ago","modified":"Updated 2 years ago"},"absolute_dates":{"created":"Posted on 8 September 2017","modified":"Updated on 7 March 2024"},"absolute_dates_time":{"created":"Posted on 8 September 2017 3:41 am","modified":"Updated on 7 March 2024 9:58 am"},"featured_img_caption":"","featured_img":false,"series_order":"","_links":{"self":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages\/2694","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/users\/237"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/comments?post=2694"}],"version-history":[{"count":0,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages\/2694\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/pages\/1248"}],"wp:attachment":[{"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/media?parent=2694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/categories?post=2694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ndss-symposium.org\/wp-json\/wp\/v2\/tags?post=2694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}