DECAF plus plus - adava/DECAF-Selective GitHub Wiki

DECAF++ is the new version of DECAF Optimized with elastic taint propagation and elastic shadow memory access idea. To activate elastic taint propagation and/or elastic shadow memory access, configure with --enable-2nd-ccache and --enable-opt-smem options, and then compile.

       ./configure --enable-tcg-taint --enable-2nd-ccache --enable-opt-smem
       make

Note that, the optimizations are independent and can be used solely. In short, "--enable-2nd-ccache" is useful for applications that are CPU intensive and their processing on the tainted data is localized in a single module. On the other hand, "--enable-opt-smem" is useful for applications that store the tainted data in one or a few memory pages. Activating both optimizations often result in a better performance but there are cases that one optimization alone achieves a better performance. See the following publication for further details on the elastic tainting idea:

• Ali Davanian, Zhenxiao Qi, Yu Qu, and Heng Yin, DECAF++: Elastic Whole-System Dynamic Taint Analysis, 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2019.