DRTaint: A Dynamic Taint Analysis Framework Supporting Correlation Analysis Between Data Regions

Abstract

Taint analysis is a common technology for software analysis, which is widely used in the region of information security. Aiming at the problem that the existing binary program dynamic taint analysis framework does not support “replay” analysis and the analysis efficiency is low, a taint analysis framework called DRTaint is proposed. DRTaint is a universal taint analysis framework that supports correlation analysis between data regions. Experiments show that DRTaint shows good performance advantages when performing taint analysis many times on one program. On the basis of DRTaint, this paper studies the malicious code behavior extraction method based on taint analysis, and the research finds that DRTaint can provide better support for malicious code behavior extraction.