Title:
Camouflage: Automated Sanitization of Field Data
Camouflage: Automated Sanitization of Field Data
Author(s)
Clause, James
Orso, Alessandro
Orso, Alessandro
Advisor(s)
Editor(s)
Collections
Supplementary to
Permanent Link
Abstract
Privacy and security concerns have adversely affected the
usefulness of many types of techniques that leverage information gathered from deployed applications. To address this
issue, we present a new approach for automatically sanitizing failure-inducing inputs. Given an input I that causes
a failure f, our technique can generate a sanitized input I'
that is different from I but still causes f. I' can then be sent
to the developers to help them debug f, without revealing
the possibly sensitive information contained in I. We implemented our approach in a prototype tool, camouflage,
and performed an empirical evaluation. In the evaluation,
we applied camouflage to a large set of failure-inducing
inputs for several real applications. The results of the evaluation are promising; they show that camouflage is both
practical and effective at generating sanitized inputs. In particular, for the inputs that we considered, I and I' shared
no sensitive information.
Sponsor
Date Issued
2009
Extent
Resource Type
Text
Resource Subtype
Technical Report