A taint marking approach to confidentiality violation detection

Hauser, Christophe, Tronel, Frederic, Reid, Jason F., & Fidge, Colin J. (2012) A taint marking approach to confidentiality violation detection. In Pieprzyk, Josef & Thomborson, Clark (Eds.) Proceedings of the 10th Australasian Information Security Conference (AISC 2012), Australian Computer Society, RMIT University, Melbourne, VIC, pp. 83-90.

View at publisher


This article presents a novel approach to confidentiality violation detection based on taint marking. Information flows are dynamically tracked between applications and objects of the operating system such as files, processes and sockets. A confidentiality policy is defined by labelling sensitive information and defining which information may leave the local system through network exchanges. Furthermore, per application profiles can be defined to restrict the sets of information each application may access and/or send through the network. In previous works, we focused on the use of mandatory access control mechanisms for information flow tracking. In this current work, we have extended the previous information flow model to track network exchanges, and we are able to define a policy attached to network sockets. We show an example application of this extension in the context of a compromised web browser: our implementation detects a confidentiality violation when the browser attempts to leak private information to a remote host over the network.

Impact and interest:

5 citations in Scopus
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

606 since deposited on 27 Nov 2011
22 in the past twelve months

Full-text downloads displays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 47263
Item Type: Conference Paper
Refereed: Yes
Keywords: Computer system security, Taint analysis, Data confidentiality and integrity
ISBN: 978-1-921770-06-7
ISSN: 1445-1336
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
Divisions: Past > Institutes > Information Security Institute
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2012, Australian Computer Society, Inc.
Copyright Statement: This paper appeared at the 10th Australasian Information Security Conference (AISC 2012), Melbourne, Australia, January- February 2012. Conferences in Research and Practice in Information Technology (CRPIT), Vol. 125, Josef Pieprzyk and Clark Thomborson, Ed. Reproduction for academic, not-for-profit purposes permitted provided this text is included.
Deposited On: 27 Nov 2011 21:42
Last Modified: 24 Jun 2017 04:19

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page