
Dynamic taint analysis based on virtual technology (cited by: 4)
Abstract: Building on existing taint analysis techniques, and addressing shortcomings of current taint analysis tools such as inaccurate records, dynamic taint analysis based on virtualization technology was studied and implemented. A dynamic taint analysis framework was designed on top of virtualization technology. For memory taint data and hard disk taint data, a taint marking model based on Hook technology and a taint marking model based on Hash traversal were designed respectively. Instructions were classified according to the Intel & AMD instruction encoding format, and a taint propagation strategy was designed according to instruction type. To solve the problem of redundant information records, a taint record strategy based on instruction filtering was designed. The experimental results show that the technique is an effective dynamic taint analysis method and can be applied well to test case generation and vulnerability detection in fuzz testing.
Authors: 陈衍铃, 赵静
Source: Journal of Computer Applications (《计算机应用》), CSCD, Peking University Core Journal, 2011, No. 9, pp. 2367-2372 (6 pages)
Keywords: fuzz testing; virtualization; taint analysis; vulnerability discovery; information security