Merge-Replay: Efficient IFDS-Based Taint Analysis by Consolidating Equivalent Value Flows
The IFDS-based taint analysis employs two mutually iterative passes: a forward pass that identifies taints and a backward pass that detects aliases. This approach ensures both flow and context sensitivity, leading to remarkable precision. To preserve flow sensitivity, the IFDS-based taint analysis e...
| Published in: | IEEE/ACM International Conference on Automated Software Engineering : [proceedings] pp. 319 - 331 |
|---|---|
| Main authors: | Gui, Yujiang; He, Dongjie; Xue, Jingling |
| Format: | Conference paper |
| Language: | English |
| Publication details: | IEEE, 11.09.2023 |
| Subjects: | |
| ISSN: | 2643-1572 |
| Online access: | Get full text |
| Abstract | The IFDS-based taint analysis employs two mutually iterative passes: a forward pass that identifies taints and a backward pass that detects aliases. This approach ensures both flow and context sensitivity, leading to remarkable precision. To preserve flow sensitivity, the IFDS-based taint analysis enhances data abstractions with activation statements that pinpoint the moment they acquire taint. Nonetheless, this mechanism can inadvertently introduce equivalent, yet redundant, value flows. This occurs when distinct activation statements are linked with the same data abstraction, resulting in unnecessary computational and memory-intensive demands on the analysis process. We introduce MergeDroid, a novel approach to improve the efficiency of IFDS-based taint analysis by consolidating equivalent value flows. This involves merging activation statements linked to the same data abstraction from various reachable data facts that are reachable at a given program point during the backward pass. This process generates a representative symbolic activation statement applicable to all equivalent data facts, reducing them to a single symbolic data fact. During the forward pass, when this symbolic data fact returns to its point of creation, the analysis reverts to the original data facts alongside their initial activation statements. This merge-and-replay strategy eliminates redundant value flow propagation, resulting in performance gains. Furthermore, we also improve analysis efficiency and precision by leveraging context-sensitive insights from activation statements. Our evaluation on 40 Android apps demonstrates that MergeDroid significantly enhances IFDS-based taint analysis performance. On average, MergeDroid accelerates analysis by 9.0× while effectively handling 6 more apps scalably. Additionally, it reduces false positives by significantly decreasing reported leak warnings, achieving an average reduction of 19.2%. |
|---|---|
| Author | Xue, Jingling; He, Dongjie; Gui, Yujiang |
| Author_xml | – sequence: 1 givenname: Yujiang surname: Gui fullname: Gui, Yujiang email: yujiang.gui@unsw.edu.au organization: University of New South Wales,Sydney,Australia – sequence: 2 givenname: Dongjie surname: He fullname: He, Dongjie email: dongjieh@cse.unsw.edu.au organization: University of New South Wales,Sydney,Australia – sequence: 3 givenname: Jingling surname: Xue fullname: Xue, Jingling email: jingling@cse.unsw.edu.au organization: University of New South Wales,Sydney,Australia |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/ASE56229.2023.00027 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE/IET Electronic Library url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798350329964 |
| EISSN | 2643-1572 |
| EndPage | 331 |
| ExternalDocumentID | 10298295 |
| Genre | orig-research |
| GrantInformation_xml | – fundername: ARC grantid: DP210102409 funderid: 10.13039/100000163 |
| ID | FETCH-LOGICAL-a329t-308cd354fb695691f6c244823335cdbb205fa04b7b0b86bb12b8b6fdfdf85ff93 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 3 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=001103357200026&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 02:32:28 EDT 2025 |
| IsDoiOpenAccess | false |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a329t-308cd354fb695691f6c244823335cdbb205fa04b7b0b86bb12b8b6fdfdf85ff93 |
| OpenAccessLink | http://hdl.handle.net/1959.4/105888 |
| PageCount | 13 |
| ParticipantIDs | ieee_primary_10298295 |
| PublicationCentury | 2000 |
| PublicationDate | 2023-Sept.-11 |
| PublicationDateYYYYMMDD | 2023-09-11 |
| PublicationDate_xml | – month: 09 year: 2023 text: 2023-Sept.-11 day: 11 |
| PublicationDecade | 2020 |
| PublicationTitle | IEEE/ACM International Conference on Automated Software Engineering : [proceedings] |
| PublicationTitleAbbrev | ASE |
| PublicationYear | 2023 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0051577 ssib057256115 |
| Score | 2.258464 |
| Snippet | The IFDS-based taint analysis employs two mutually iterative passes: a forward pass that identifies taints and a backward pass that detects aliases. This... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 319 |
| SubjectTerms | Computational efficiency; IFDS; Iterative methods; Merging; Operating systems; Performance gain; precision; Prototypes; scalability; Sensitivity; Taint analysis |
| Title | Merge-Replay: Efficient IFDS-Based Taint Analysis by Consolidating Equivalent Value Flows |
| URI | https://ieeexplore.ieee.org/document/10298295 |
| WOSCitedRecordID | wos001103357200026&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| linkProvider | IEEE |