TreeDroid: A tree automaton based approach to enforcing data processing policies
2012 (English) In: CCS '12 Proceedings of the 2012 ACM conference on Computer and communications security, ACM, 2012, 894-905 p. Conference paper (Refereed)
Current approaches to security policy monitoring are based on linear control flow constraints such as runQuery may be evaluated only after sanitize. However, realistic security policies must be able to conveniently capture data flow constraints as well. An example is a policy stating that arguments to the function runQuery must be either constants, outputs of a function sanitize, or concatenations of any such values. We present a novel approach to security policy monitoring that uses tree automata to capture constraints on the way data is processed along an execution. We present a λ-calculus based model of the framework, investigate some of the model's meta-properties, and show how it can be implemented using labels corresponding to automaton states to reflect the computational histories of each data item. We show how a standard denotational semantics induces the expected monitoring regime on a simple "while" language. Finally, we implement the framework for the Dalvik VM using TaintDroid as the underlying data flow tracking mechanism, and evaluate its functionality and performance on five case studies.
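The example policy from the abstract (arguments to runQuery must be constants, outputs of sanitize, or concatenations of such values), written as a small bottom-up tree automaton whose states are carried as labels on each value. This is an added illustration, not code from the paper or the TreeDroid implementation; the state names, the `Labeled` wrapper, the helper functions and the toy escaping inside `sanitize` are assumptions.

```python
from dataclasses import dataclass

# Automaton states, used as data labels (names are assumptions of this sketch).
SAFE, TAINTED = "safe", "tainted"

# Bottom-up transitions: (operation, states of the operands) -> resulting state.
# Any combination not listed falls through to TAINTED.
DELTA = {
    ("const", ()): SAFE,
    ("sanitize", (SAFE,)): SAFE,
    ("sanitize", (TAINTED,)): SAFE,
    ("concat", (SAFE, SAFE)): SAFE,
}
# States the policy accepts for the argument of each guarded function.
ACCEPTING = {"runQuery": {SAFE}}


class PolicyViolation(Exception):
    """Raised when a guarded function receives data in a non-accepting state."""


@dataclass(frozen=True)
class Labeled:
    value: str
    state: str  # summary of the value's computational history


def step(op, *operands):
    """Apply one automaton transition for `op` over already-labelled operands."""
    return DELTA.get((op, tuple(o.state for o in operands)), TAINTED)


def const(s):
    return Labeled(s, step("const"))

def user_input(s):
    return Labeled(s, step("input"))  # no rule for "input", so TAINTED

def sanitize(x):
    # Toy escaping as a stand-in for a real sanitizer.
    return Labeled(x.value.replace("'", "''"), step("sanitize", x))

def concat(a, b):
    return Labeled(a.value + b.value, step("concat", a, b))

def run_query(q):
    """Guarded sink: the monitor checks the label before the call proceeds."""
    if q.state not in ACCEPTING["runQuery"]:
        raise PolicyViolation(f"runQuery argument is in state {q.state!r}")
    return q.value  # a real sink would execute the query here
```

The label is computed once per operation from the operands' labels, so the check at `run_query` is a set lookup and never needs to re-walk the history tree of the value.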
Place, publisher, year, edition, pages
ACM, 2012. 894-905 p.
Proceedings of the ACM Conference on Computer and Communications Security, ISSN 1543-7221
Policy enforcement, Runtime monitoring, Tree automata
Computer and Information Science
Identifiers
URN: urn:nbn:se:kth:diva-108006
DOI: 10.1145/2382196.2382290
ScopusID: 2-s2.0-84869424220
ISBN: 978-145031650-7
OAI: oai:DiVA.org:kth-108006
DiVA: diva2:580211
2012 ACM Conference on Computer and Communications Security, CCS 2012, 16 October 2012 through 18 October 2012, Raleigh, NC
Funder: ICT - The Next Generation
QC 20121221; 2012-12-21; 2012-12-19; 2013-04-11; Bibliographically approved