ICSE 2023
Sun 14 - Sat 20 May 2023 Melbourne, Australia
Fri 19 May 2023 16:30 - 16:45 at Meeting Room 104 - Program analysis Chair(s): Marsha Chechik

Taint analysis, i.e., labeling data and propagating the labels through data flows, has been widely used for analyzing program information flows and ensuring system/data security. Due to its important applications, various taint analysis techniques have been proposed, including static and dynamic taint analysis. However, existing taint analysis techniques can hardly be applied to the rising microservice systems for industrial applications. Specifically, static taint analysis techniques can potentially incur poor precision and fail to cope with dynamic features such as dependency injection, while most dynamic taint analysis techniques, which modify the operating systems, virtual machines, source code or program meta-data, can hardly be generalized. To address such issues, in this paper, we propose the first practical non-intrusive dynamic taint analysis technique, MirrorTaint, for extensively supporting microservice systems on JVMs. In particular, by instrumenting the microservice systems, MirrorTaint constructs a set of data structures with their respective policies for labeling/propagating taints in its mirrored space. Such data structures are essentially non-intrusive, i.e., they modify no program meta-data or runtime system. Then, during program execution, MirrorTaint replicates the stack-based JVM instruction execution in its mirrored space on-the-fly for dynamic taint tracking. In this way, MirrorTaint can track the tainted variables during execution without changing the program meta-data or corrupting the JVM memory space. We have evaluated MirrorTaint against state-of-the-art dynamic and static taint analysis systems on various popular open-source microservice systems. The results demonstrate that MirrorTaint can achieve much better compatibility, quite close precision and higher recall (97.9%/100.0%) than state-of-the-art Phosphor (100.0%/16.2%) and FlowDroid (100%/28.2%). Also, MirrorTaint incurs lower runtime overhead than Phosphor (although both are dynamic techniques). Moreover, we have performed a case study in a global billion-user FinTech company to compare MirrorTaint and their mature developer-experience-based data checking system for automatically generated fund documents. The result shows that the developer experience can be incomplete, causing the data checking system to cover only 84.0% of the total data relations, while MirrorTaint can automatically find 99.0% of the relations with 100.0% precision. Lastly, we also applied MirrorTaint to successfully detect a recently widespread Log4j2 security vulnerability.
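The mirrored-space idea in the abstract, shown on a toy stack machine as an added example (this is not code from the paper or from MirrorTaint). The opcode names, the source readRequest and the sink logMessage are assumptions made for the illustration; the sample program is constructed.

```python
# Illustrative sketch only: a toy stack machine, not MirrorTaint's implementation.
# Opcode names, SOURCES and SINKS are assumptions made for this example.
SOURCES = {"readRequest"}   # hypothetical method whose return value is labeled
SINKS = {"logMessage"}      # hypothetical method whose arguments are checked

def run(program, env):
    """Run `program`, replaying each instruction on a mirrored stack of labels.

    Program values stay untouched; labels live only in m_stack / m_locals.
    Returns a list of (sink, labels) for every tainted value reaching a sink.
    """
    stack, locals_ = [], {}
    m_stack, m_locals = [], {}            # mirrored operand stack and locals
    hits = []
    for op, *args in program:
        if op == "ldc":                   # constant: pushed with an empty label set
            stack.append(args[0]); m_stack.append(frozenset())
        elif op == "load":
            stack.append(locals_[args[0]]); m_stack.append(m_locals[args[0]])
        elif op == "store":
            locals_[args[0]] = stack.pop(); m_locals[args[0]] = m_stack.pop()
        elif op == "concat":              # result label = union of operand labels
            b, a = stack.pop(), stack.pop()
            stack.append(a + b); m_stack.append(m_stack.pop() | m_stack.pop())
        elif op == "invoke":
            name, argc = args
            vals = [stack.pop() for _ in range(argc)][::-1]
            labels = frozenset().union(*[m_stack.pop() for _ in range(argc)])
            if name in SINKS:
                if labels:
                    hits.append((name, tuple(sorted(labels))))
                env[name](*vals)          # sinks return nothing
            else:
                stack.append(env[name](*vals))
                m_stack.append(labels | {name} if name in SOURCES else labels)
        else:
            raise ValueError(f"unknown opcode {op!r}")
    assert len(stack) == len(m_stack)     # mirror stays in lockstep with the stack
    return hits

def demo():
    logged = []                           # constructed sample input and sink
    env = {"readRequest": lambda: "hello", "logMessage": logged.append}
    program = [("invoke", "readRequest", 0), ("store", "msg"),
               ("ldc", "user said: "), ("load", "msg"), ("concat",),
               ("invoke", "logMessage", 1),
               ("ldc", "static banner"), ("invoke", "logMessage", 1)]
    return run(program, env), logged
```

Only the first logMessage call is reported, because the constant banner carries an empty label set; the logged values remain ordinary strings with no wrapper or added field.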

Fri 19 May

Displayed time zone: Hobart

15:45 - 17:15

15:45 (15m) Talk
Stubbifier: debloating dynamic server-side JavaScript applications
Journal-First Papers
Alexi Turcotte Northeastern University, Ellen Arteca Northeastern University, Ashish Mishra Purdue University, Saba Alimadadi Simon Fraser University, Frank Tip Northeastern University

16:00 (15m) Talk
DStream: A Streaming-Based Highly Parallel IFDS Framework
Technical Track
Xizao Wang Nanjing University, Zhiqiang Zuo Nanjing University, Lei Bu Nanjing University, Jianhua Zhao Nanjing University, China

16:15 (15m) Talk
(Partial) Program Dependence Learning
Technical Track
Aashish Yadavally The University of Texas at Dallas, Wenbo Wang New Jersey Institute of Technology, Shaohua Wang New Jersey Institute of Technology, Tien N. Nguyen University of Texas at Dallas

16:30 (15m) Talk
MirrorTaint: Practical Non-intrusive Dynamic Taint Tracking for JVM-based Microservice Systems
Technical Track
Yicheng Ouyang University of Illinois at Urbana-Champaign, Kailai Shao Ant Group, Kunqiu Chen Southern University of Science and Technology, Ruobing Shen Peking University, Chao Chen Ant Group, Mingze Xu Ant Group, Yuqun Zhang Southern University of Science and Technology, Lingming Zhang University of Illinois at Urbana-Champaign

16:45 (15m) Talk
Incremental Call Graph Construction in Industrial Practice
SEIP - Software Engineering in Practice
Zelin Zhao Ant Group, Xizao Wang Nanjing University, Zhaogui Xu Ant Group, Zhenhao Tang Ant Group, Yongchao Li Ant Group, Peng Di Ant Group

17:00 (15m) Talk
Generic Partition Refinement and Weighted Tree Automata
Showcase
Hans-Peter Deifel Friedrich-Alexander University Erlangen-Nürnberg, Germany, Stefan Milius, Lutz Schröder University of Erlangen-Nuremberg, Thorsten Wißmann Friedrich-Alexander University Erlangen-Nürnberg