IEEE Access (Jan 2019)
NeuralTaint: A Key Segment Marking Tool Based on Neural Network
Abstract
Dynamic taint analysis is a popular dynamic software analysis method. Marking the key segment of a program function by dynamic taint analysis is an important part of software vulnerability research. Key segment marking is usually related to control flow taint analysis; however, several specific program structures may cause key segment marking to fail due to control flow dependence and to overtainting and undertainting problems. In this paper, we propose a novel method to mark a key segment accurately and efficiently with deep learning technology. First, we fit the program function execution into a continuous function with a convolutional network, and then mark the key segment roughly using derivative information of the fitted neural network. Finally, we mark the key segment of the specific program function completely and accurately with a filtering and diffusion algorithm. We developed the key segment marking tool NeuralTaint on this principle. We design an experiment to select the specific neural network structure of NeuralTaint. Our extensive evaluations demonstrate that NeuralTaint significantly outperforms two state-of-the-art traditional dynamic taint analysis tools on seven popular real-world programs.
Keywords