research-article

A Comparative Analysis Between Information Flow Control Tools for Java-written systems

Authors:
Gabrielle Porto

Universidade Federal do Agreste de Pernambuco, Brazil

Universidade Federal do Agreste de Pernambuco, Brazil
View Profile

,
Rodrigo Andrade

Universidade Federal do Agreste de Pernambuco, Brazil

Universidade Federal do Agreste de Pernambuco, Brazil
View Profile

,
Felipe Ebert

Eindhoven University of Technology (TU/e), The Netherlands

Eindhoven University of Technology (TU/e), The Netherlands
View Profile

SBCARS '21: Proceedings of the 15th Brazilian Symposium on Software Components, Architectures, and ReuseSeptember 2021Pages 80–89https://doi.org/10.1145/3483899.3483901

Published:05 October 2021Publication History

SBCARS '21: Proceedings of the 15th Brazilian Symposium on Software Components, Architectures, and Reuse

Pages 80–89

ABSTRACT

Information Flow Control (IFC) tools are a common way to analyze source code with the goal to find confidentiality or integrity violations for sensitive information. Therefore, to correctly protect such information (e.g., passwords), it is important to choose the most suitable tool for each target software system. In this context, we evaluate precision, recall, and accuracy for three open-source IFC tools for Java-written systems. We also check whether these tools are useful to protect sensitive information of real systems. First, we execute these tools against test cases of the SecuriBench Micro benchmark built for this purpose. Then, we run three selected IFC tools (JOANA, PIDGIN, and Flowdroid) to assess whether they are able to detect violations for rules we define considering each real system. Our results show that JOANA and PIDGIN overcome FlowDroid regarding precision, recall, and accuracy. Furthermore, the execution of JOANA and PIDGIN allow us to find eight confidentiality and integrity violations for the target systems. We registered these violations as issues on those projects. Our results also demonstrate that JOANA is faster than PIDGIN. At last, we provide some discussion for developers on which IFC tool fits better when dealing with sensitive information in software systems.

References

Karim Ali and Ondřej Lhoták. 2012. Application-only call graph construction. In European Conference on Object-Oriented Programming. 688–712.Google ScholarDigital Library
Karim Ali and Ondřej Lhoták. 2013. Averroes: Whole-program analysis without the whole program. In European Conference on Object-Oriented Programming. 378–400.Google ScholarDigital Library
Rodrigo Andrade and Paulo Borba. 2020. Privacy and security constraints for code contributions. Journal of Software: Practice and Experience 50, 10(2020), 1905–1929.Google ScholarCross Ref
Ken Biba. 1975. Integrity considerations for secure computer systems. Mitre Corporation (1975).Google Scholar
Blojsom. 2021. Blojsom. https://sourceforge.net/projects/blojsom/Google Scholar
Stephen Chong and Andrew C. Myers. 2004. Security Policies for Downgrading. In Conference on Computer and Communications Security. 198–209.Google Scholar
Stephen Chong, K. Vikram, and Andrew C. Myers. 2007. SIF: Enforcing Confidentiality and Integrity in Web Applications. In USENIX Security Symposium. 1–16.Google Scholar
CWE Community. 2021. CWE - Common Weakness Enumeration. https://cwe.mitre.org/Google Scholar
Andrea Continella et al.2017. Obfuscation-Resilient Privacy Leak Detection for Mobile Apps Through Differential Analysis. In ISOC Network and Distributed System Security Symposium.Google Scholar
Claes Wohlin et al.2012. Experimentation in software engineering. Springer Science & Business Media.Google ScholarCross Ref
David Binkley et al.2007. Empirical study of optimization techniques for massive slicing. ACM Transactions on Programming Languages and Systems 30, 1 (2007), 1–34.Google Scholar
Omer Tripp et al.2009. TaJ: effective taint analysis of web applications. ACM Sigplan Notices 44, 6 (2009), 87–97.Google ScholarDigital Library
Omer Tripp et al.2013. Andromeda: Accurate and scalable security analysis of web applications. In Fundamental Approaches to Software Engineering. 210–225.Google Scholar
Steven Arzt et al.2014. FlowDroid: Precise Context, Flow, Field, Object-sensitive and Lifecycle-aware Taint Analysis for Android Apps. SIGPLAN Notices 49, 6 (2014), 259–269.Google ScholarDigital Library
Salvatore Guarnieri et al.2011. Saving the World Wide Web from Vulnerable JavaScript. In International Symposium on Software Testing and Analysis. 177–187.Google Scholar
Tobias Hamann et al.2018. A uniform information-flow security benchmark suite for source code and bytecode. In Gruschka Nordic Conference on Secure IT Systems. 437–453.Google Scholar
Victor Basili et al. 1994. The goal question metric approach. In Encyclopedia of Software Engineering, John J. Marciniak (Ed.). Wiley, New Jersey, 528–532.Google Scholar
William Enck et al. 2010. TaintDroid: An Information-Flow Tracking System for Real-time Privacy Monitoring on Smartphones. In USENIX Symposium on Operating Systems Design and Implementation.Google Scholar
Simple Logging Facade for Java. 2004. SLF4J -Simple Logging Facade for Java. http://www.slf4j.orgGoogle Scholar
OWASP Foundation. 2021. OWASP - Open Web Application Security Project. https://owasp.org/Google Scholar
Karlsruher Institut fur Technologie. 2021. JOANA (Java Object-Sensitive Analysis) - Information Flow Control Framework for Java. https://pp.ipd.kit.edu/projects/joana/Google Scholar
Jürgen Graf, Martin Hecker, and Martin Mohr. 2013. Using JOANA for Information Flow Control in Java Programs - A Practical Guide. In Work. Conf. Program. Languages. 123–138.Google Scholar
Christian Hammer and Gregor Snelting. 2009. Flow-sensitive, context-sensitive, and object-sensitive information flow control based on program dependence graphs. International Journal of Information Security 8 (2009), 399–422.Google ScholarDigital Library
Daniel Hedin and Andrei Sabelfeld. 2012. A Perspective on Information-Flow Control.Software Safety and Security 33 (2012), 319–347.Google Scholar
Susan Horwitz, Thomas Reps, and David Binkley. 1990. Interprocedural Slicing Using Dependence Graphs. ACM Transactions on Programming Languages and Systems 12 (1990), 26–60.Google ScholarDigital Library
Andrew Johnson, Lucas Waye, Scott Moore, and Stephen Chong. 2015. Exploring and Enforcing Security Guarantees via Program Dependence Graphs. SIGPLAN Notice 50, 6 (2015), 291–302.Google ScholarDigital Library
Benhamin Livshits. 2021. Securibench Micro. http://suif.stanford.edu/~livshits/work/securibench-micro/Google Scholar
V. B. Livshits and M. S. Lam. 2005. Finding security vulnerabilities in Java applications with static analysis. In USENIX Security Symposium. 271–286.Google Scholar
Lutece. 2021. Lutece. https://github.com/lutece-platformGoogle Scholar
A. Mettler, D. Wagner, and T. Close. 2010. Joe-E: A Security-Oriented Subset of Java. In Network and Distributed System Security Symposium. 357–374.Google Scholar
Andrew C. Myers. 1999. JFlow: Practical Mostly-Static Information Flow Control. In ACM Symposium on Principles of Programming Languages. 228–241.Google ScholarDigital Library
A. C. Myers, N. Nystrom, L. Zheng, and S. Zdancewic. 2021. Jif: Java information flow. http://www.cs.cornell.edu/jifGoogle Scholar
J. Newsome and D. Song. 2005. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. In Net. and Dist. Sys. Security Symp.Google Scholar
Andrei Sabelfeld and Andrew C. Myers. 2003. Language-Based Information-Flow Security. IEEE Journal on Selected Areas in Communications 21 (2003), 5–19.Google ScholarDigital Library
Scribejava. 2021. Simple OAuth library for Java. https://github.com/scribejava/scribejavaGoogle Scholar
Omer Tripp and Julia Rubin. 2014. A Bayesian Approach to Privacy Enforcement in Smartphones. In USENIX Security Symposium. 175–190.Google Scholar
Jean Yang, Kuat Yessenov, and Armando Solar-Lezama. 2012. A Language for Automatically Enforcing Privacy Policies. SIGPLAN Notices 47, 1 (2012), 85–96.Google ScholarDigital Library
Matteo Zanioli, Pietro Ferrara, and Agostino Cortesi. 2012. SAILS: Static Analysis of Information Leakage with Sample. In ACM Symposium on Applied Computing. 1308–1313.Google ScholarDigital Library

Index Terms

A Comparative Analysis Between Information Flow Control Tools for Java-written systems

Index terms have been assigned to the content through auto-classification.

Recommendations

Enforcing robust declassification and qualified robustness
Special issue on CSFW17

Noninterference requires that there is no information flow from sensitive to public data in a given system. However, many systems release sensitive information as part of their intended function and therefore violate noninterference. To control ...
Read More
Cryptographically sound implementations for typed information-flow security
POPL '08: Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

In language-based security, confidentiality and integrity policies conveniently specify the permitted flows of information between different parts of a program with diverse levels of trust. These policies enable a simple treatment of security, and they ...
Read More
Immutability and Encapsulation for Sound OO Information Flow Control
Security-critical software applications contain confidential information which has to be protected from leaking to unauthorized systems. With language-based techniques, the confidentiality of applications can be enforced. Such techniques are for example ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SBCARS '21: Proceedings of the 15th Brazilian Symposium on Software Components, Architectures, and Reuse
September 2021
109 pages
ISBN:9781450384193
DOI:10.1145/3483899
Editors:
Cristiano Vasconcellos
Universidade do Estado de Santa Catarina, Brazil
,
Karina Roggia
Universidade do Estado de Santa Catarina, Brazil
,
Paulo Bousfield
Universidade da Região de Joinville, Brazil
,
Vanessa Collere
Universidade da Região de Joinville, Brazil
,
Rodrigo Bonifácio
UnB, Brazil
Copyright © 2021 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 5 October 2021
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Accuracy
Confidentiality
Information-Flow Control
Integrity
Precision
Recall
Sensitive information
Qualifiers
- research-article
- Research
- Refereed limited
Conference

Acceptance Rates
Overall Acceptance Rate23of79submissions,29%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 62
  Total Downloads
- Downloads (Last 12 months)6
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

HTML Format

View this article in HTML Format .

View HTML Format

A Comparative Analysis Between Information Flow Control Tools for Java-written systems

SBCARS '21: Proceedings of the 15th Brazilian Symposium on Software Components, Architectures, and Reuse

ABSTRACT

References

Cited By

Index Terms

Recommendations

Enforcing robust declassification and qualified robustness

Cryptographically sound implementations for typed information-flow security

Immutability and Encapsulation for Sound OO Information Flow Control