Practical dynamic information flow control for client-side web applications

Research output: Unpublished contribution to conference, unpublished abstract

Abstract

User data privacy and protection are a major concern for today’s companies.
Software systems are no longer monolithic pieces of code, but an aggregation of code from different parties.
Developers often reuse and trust third-party code with the aim of being more productive.
In the context of client-side web applications this situation is particularly dangerous, giving attackers the opportunity to exfiltrate data and compromise user privacy.
Current browser security mechanisms are inadequate to enforce the confidentiality policies that arise from the flow of information through web applications.

How to control the flow of information through a system has been studied for several decades.
However, practical implementations lag far behind the advances in the theory.

Today, a large number of approaches are based on static analysis techniques to detect information flows in a program.
However, the dynamic characteristics of JavaScript, including its dynamic code evaluation capabilities, make this kind of analysis too conservative and hence impractical.

Dynamic analysis allows tracking information during program execution.
These analyses are usually implemented by means of code instrumentation, i.e. by inserting code that identifies, tracks, and prevents unauthorized information flows.

One approach to implementing dynamic information flow is to instrument a JavaScript interpreter.
This offers more freedom and control to the analysis implementor.
However, this is not a feasible solution in the context of client-side web applications due to the large number of existing JavaScript interpreters and versions.

In this work we aim to implement a dynamic information flow control mechanism by means of source code instrumentation.
We develop a taint analysis to track explicit information flows.
To handle implicit flows, we implement the non-sensitive upgrade approach.

Our implementation is portable in the sense that we do not rely on or change the underlying interpreter.
On the downside, our approach has a significant impact on the performance of the application.

We do not provide formal proofs of our approach.
Instead, we verified our implementation on a large number of examples.
We also evaluated our analysis with respect to challenging JavaScript features reported in the related work.
Experiments conducted so far show that our analysis is transparent to the target program if no illegal flow of information occurs during its execution.
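
The following sketch is an added illustration of the monitoring the abstract describes, not the authors' implementation: hand-written monitor calls stand in for the code a source instrumenter would insert, taint labels are a single boolean, and every name (`Monitor`, `run`, `send`, the three sample programs) is hypothetical. It joins labels for explicit flows and halts on a write to a public variable under a secret guard, the check usually called no-sensitive-upgrade in the literature.

```javascript
// Added illustration; names are hypothetical stand-ins for instrumenter output.
class FlowViolation extends Error {}
class Monitor {
  constructor() {
    this.pc = [false];    // stack of control-context labels (true = secret)
    this.env = new Map(); // variable name -> { v: value, t: taint label }
    this.sent = [];       // values that reached the public sink
  }
  get ctx() { return this.pc[this.pc.length - 1]; }
  lit(v) { return { v, t: false }; }
  secret(v) { return { v, t: true }; }
  read(name) { return this.env.get(name); }
  // Explicit flow: the result carries the join of the operand labels.
  binop(f, a, b) { return { v: f(a.v, b.v), t: a.t || b.t }; }
  // Upgrade check: a public variable must not be written in a secret context.
  assign(name, val) {
    const old = this.env.get(name);
    if (this.ctx && old && !old.t) throw new FlowViolation(`sensitive upgrade of '${name}'`);
    this.env.set(name, { v: val.v, t: val.t || this.ctx });
  }
  // Implicit flow: the guard's label taints the context of the taken arm.
  branch(cond, thenFn, elseFn = () => {}) {
    this.pc.push(this.ctx || cond.t);
    try { (cond.v ? thenFn : elseFn)(); } finally { this.pc.pop(); }
  }
  // Public sink (constructed stand-in for e.g. a third-party request).
  send(val) {
    if (val.t || this.ctx) throw new FlowViolation('secret reaches sink');
    this.sent.push(val.v);
  }
}
// Runs a program under a fresh monitor; a violation halts it.
function run(program) {
  const m = new Monitor();
  try { program(m); return { ok: true, sent: m.sent }; }
  catch (e) {
    if (!(e instanceof FlowViolation)) throw e;
    return { ok: false, reason: e.message, sent: m.sent };
  }
}
// Constructed programs. Original: y = pin + 1; send(y)
const explicitLeak = m => { m.assign('y', m.binop((a, b) => a + b, m.secret(1234), m.lit(1)));
  m.send(m.read('y')); };
// Original: leak = false; if (pin) leak = true; send(leak)
const implicitLeak = m => { m.assign('leak', m.lit(false));
  m.branch(m.secret(1234), () => m.assign('leak', m.lit(true))); m.send(m.read('leak')); };
// Original: n = 2 * 21; send(n)
const clean = m => { m.assign('n', m.binop((a, b) => a * b, m.lit(2), m.lit(21)));
  m.send(m.read('n')); };
```

`run(explicitLeak)` and `run(implicitLeak)` both stop before anything reaches the sink, while `run(clean)` produces the same output the uninstrumented program would.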

Original language: English
Publication status: Published - 28 Sep 2017
Event: 4th Virtual Machine Meetup - School of Computer Science, Faculty of Mathematics and Physics, Charles University, Prague, Czech Republic
Duration: 28 Sep 2017 to 29 Sep 2017
http://vmmeetup.github.io/2017/

Workshop

Workshop: 4th Virtual Machine Meetup
Abbreviated title: VMM
Country: Czech Republic
City: Prague
Period: 28/09/17 to 29/09/17
Internet address
