| The paper proposes taint reverse propagation to solve the problem of privacy leaks.The taint reverse propagation oriented towards privacy protection amounts to tracing data according to idea of taint forward propagation.While this reversing course realizes simple taint marking,enhanced execution efficiency and reduced taint quantity.Added to this,privacy protection of taint reverse propagation and privacy protection of taint forward propagation are essentially different.The privacy protection in taint forward propagation tends to be adding taint forward propagation as a module to operating system,and the taint forward propagation will monitor propagation condition of taint data in program in real time,with taint forward propagation module serving as a monitor,thereby judging whether users' privacy data is leaked.So essentially taint forward propagation is to become a part of operating system to protect privacy data from being sent to network,while leads to loss of efficiency to the program by 40% to 50%,an unacceptable performance loss for a program in regular service.While the case is different for taint reverse propagation.As the taint reverse propagation needs to pass reverse executor to reversely propagate taint,taint reverse propagation does not go hand in hand with normal execution flow of program,but serves as an independent part when analyst programmer analyzes object program.The privacy protection mentioned in this paper is also directed at extensively used software by people in everyday life,and judging whether it has unlawful operation for privacy information of users.Therefore,in taint reverse propagation,our privacy protection mode is: as long as analyst programmer figures out whether program is safe,this can be reference for users to choose whether to use object application,without need for users to understand running status of program under the condition of terrifying performance loss Hence,the taint reverse analytical framework proposed in this paper is not helping the users to censor whether the application they use operates illegally,but assists the analyst programmers to rapidly judge whether a program has illegal operation for privacy data.The main content of this paper comprises:Firstly,it designed and realized taint reverse propagation frame,through which,the data source is traced well,and based on this to judge whether program leaks privacy,and broke taint reverse propagation frame down into: program reverse execution module,taint reverse propagation module and visualization module,optimized these three modules accordingly.Secondly,it analyzed and optimized program reverse execution module.As in frame,taint data needs to be reversely propagated,which entails need for the program for reverse execution.So the paper raised manifold methods of program reverse execution,and took program reverse execution based on deterministic replay as program reverse execution method of taint reverse propagation frame,then put forward three modes of single version,multiversion and extra version to significantly improve execution efficiency of deterministic replay.Thirdly,it analyzed and optimized taint reverse propagation module.In the stage of taint reverse propagation,augmentation of taint quantity will largely lower efficiency of taint reverse propagation.Thus,the paper optimized the cycle operation frequently occurring in program,thereby improving efficiency of paint reverse propagation.Lastly,the paper proposed data structure according with the characteristics of taint reverse propagation-chronological digraph,which also goes through visualization processes.Put forward directed cyclic graph based on chronology,and helped the analyst programmer to find data source and observe data dependence through displaying the graph in different states. |
PDF Full Text Request