10–11 Jun 2025
KBC building, Umeå University
Europe/Copenhagen timezone

Bypassing Dynamic Taint Analyzers

10 Jun 2025, 13:00
45m
KBE303 - Stora Hörsalen (KBC building, Umeå University)

KBE303 - Stora Hörsalen

KBC building, Umeå University

Umeå, Sweden
Talks and presentations Talks

Speaker

Yufei Wu

Description

Dynamic taint analysis (DTA) is widely used to detect information flow
vulnerabilities by tracking the propagation of taint tags at runtime.
However, existing DTA approaches rely on the assumption that the underlying
type system is secure. In reality is it often not the case. In this
presentation we will look at how attackers can manipulate object types and
directly alter taint labels, effectively bypassing taint tracking
mechanisms.

Optional: Speaker / convener biography

Yufei Wu, PhD student at Umeå, researches software security, focusing on
program analysis, software vulnerabilities, and taint tracking.

Primary author

Presentation materials

There are no materials yet.