Abstract by Sean Brown
A posteriori taint tracking with relative stack heights
In today's world of personal information being handled by technology, it is increasingly important to ensure that personal information remains secure.
Leaking personal secrets can lead to impersonation, financial fraud, or even endanger people that rely on their information being private.
Since security vulnerabilities can be difficult to find manually, research has been done to find automated techniques to verify the privacy of programs.
These techniques are powerful in that they can prove that certain privacy attacks cannot be executed on a tested program.
However, these techniques tend to be limited in generality, precision, or efficiency.
One such technique is limited due to its need to simulate the call stack during analysis, which is difficult and sometimes impossible.
It may be possible to improve on this analysis by reformulating it to be more tractable and precise.
It is believed that the algorithm can be modified to only use relative positions in the program stack, reducing the difficulty of the computations required.