Dynamic taint tracking is the process of assigning labels to variables in a program and then tracking the flow of those labels as the program executes. Dynamic taint tracking for Java applications is achieved by instrumenting the application, i.e. adding a parallel (shadow) variable for each actual variable of the program and inserting additional bytecode instructions that propagate the parallel variables alongside the original computation. In this paper we propose partial instrumentation to achieve dynamic taint tracking with reasonable runtime overhead. Partial instrumentation instruments only those parts of a Java application that lie within the scope of a predefined source and sink set, and is performed at the granularity of a method. We use PetaBlox, a large-scale software analysis tool that internally uses Datalog [3], to perform a static analysis that infers all methods within the scope of the source and sink sets, and a modified version of Phosphor [1] to perform the partial instrumentation. Test runs on some of the DaCapo benchmarks show a significant performance improvement over the version of Phosphor that performs complete instrumentation.
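To make the "methods within the scope of the source and sink sets" idea concrete, the following is an added example (not code from the paper, from PetaBlox or from Phosphor): a small Datalog-style fixpoint over an interprocedural data-flow graph that selects the methods through which labelled data can travel from a source to a sink. The method names, variable names, flow edges and the choice of source and sink are all constructed for illustration; a real analysis would derive the edges from bytecode, and the abstract does not state which rules PetaBlox is given in the paper.

```python
"""Added example (not the paper's or Phosphor's code): infer the method set
that partial instrumentation must cover, given a source set and a sink set.

The flow graph below is constructed for illustration.  Each node is
"Method.variable"; an edge (a, b) means a value held at a may be copied to b
(assignment, argument passing or return).  All names are hypothetical."""

from collections import defaultdict

FLOW_EDGES = [
    ("Request.getParameter.ret", "Servlet.doGet.p"),
    ("Servlet.doGet.p", "Util.sanitize.s"),
    ("Util.sanitize.s", "Util.sanitize.ret"),
    ("Util.sanitize.ret", "Servlet.doGet.clean"),
    ("Servlet.doGet.clean", "Dao.query.q"),
    ("Dao.query.q", "Connection.execute.sql"),
    # Source data also reaches logging, but logging never reaches the sink.
    ("Servlet.doGet.p", "Logger.info.msg"),
    ("Logger.info.msg", "Formatter.format.f"),
    ("Formatter.format.f", "Formatter.format.ret"),
    # Config values reach the sink but never carry source data.
    ("Config.load.ret", "Dao.query.limit"),
    ("Dao.query.limit", "Connection.execute.sql"),
]
SOURCES = {"Request.getParameter.ret"}   # constructed source set
SINKS = {"Connection.execute.sql"}       # constructed sink set


def method_of(node):
    """'Util.sanitize.ret' -> 'Util.sanitize' (drop the variable component)."""
    return node.rsplit(".", 1)[0]


def reach(seeds, edges, forward=True):
    """Least fixpoint of the Datalog rules
         reach(X) :- seed(X).
         reach(Y) :- reach(X), flow(X, Y).      (forward=True)
         reach(X) :- reach(Y), flow(X, Y).      (forward=False)
    computed by worklist iteration until no new fact is derived."""
    succ = defaultdict(set)
    for a, b in edges:
        if forward:
            succ[a].add(b)
        else:
            succ[b].add(a)
    reached = set(seeds)
    worklist = list(seeds)
    while worklist:
        x = worklist.pop()
        for y in succ[x]:
            if y not in reached:
                reached.add(y)
                worklist.append(y)
    return reached


def scope_nodes(edges, sources, sinks):
    """Variables on some source-to-sink path:
         inScope(N) :- fromSource(N), toSink(N)."""
    return reach(sources, edges, True) & reach(sinks, edges, False)


def methods_to_instrument(edges, sources, sinks):
    """Method-level granularity: a method is instrumented if any of its
    variables lies on a source-to-sink path; every other method keeps its
    original bytecode and carries no shadow variables."""
    return {method_of(n) for n in scope_nodes(edges, sources, sinks)}


def all_methods(edges):
    return {method_of(n) for e in edges for n in e}


if __name__ == "__main__":
    chosen = methods_to_instrument(FLOW_EDGES, SOURCES, SINKS)
    print("instrument:", sorted(chosen))
    print("skip:      ", sorted(all_methods(FLOW_EDGES) - chosen))
```

On this constructed graph the intersection of forward reachability from the source and backward reachability from the sink keeps five of eight methods (`Request.getParameter`, `Servlet.doGet`, `Util.sanitize`, `Dao.query`, `Connection.execute`) and leaves `Logger.info`, `Formatter.format` and `Config.load` uninstrumented. The practitioner's caveat is that partial instrumentation is only as sound as the static flow graph: a flow the analysis misses (through a field, a reflective call or native code, for instance) now passes through a method that carries no shadow variables, so the label is silently dropped and the sink check sees untainted data.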