基于roBDD的细颗粒度动态污点分析(英文) 被引量：4

RoBDD-Based Fine-Grained Dynamic Taint Analysis

下载PDF

导出

摘要研究了细颗粒动态污点分析的瓶颈所在,提出一种基于roBDD的细颗粒度离线污点分析方法。实验结果表明该方法能够显著提高细颗粒度污点分析的性能,并减低内存需求,为进一步扩大细颗粒度污点分析的应用提供了途径。 The bottleneck of fine-grained taint analysis is figured out. A roBDD-based fine-grained off-linetaint analysis approach is proposed. The experiment results show that the proposed approach can significantly improve the performance of fine-grained taint analysis, and reduce the memory usage.

作者王铁磊韦韬邹维

机构地区北京大学互联网安全技术北京市重点实验室北京大学计算机科学技术研究所

出处《北京大学学报（自然科学版）》 EI CAS CSCD 北大核心 2011年第6期1003-1008,共6页 Acta Scientiarum Naturalium Universitatis Pekinensis

基金国家自然科学基金(61003216)资助

关键词动态污点分析 roBDD 程序分析 dynamic taint analysis roBDD program analysis

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献18

1Newsome J, Song D. Dynamic taint analysis: automatic detection, analysis, and signature gener- ation of exploit attacks on commodity software // Proceedings of the Network and Distributed Systems Security Symposium. San Diego, CA: ISOC, 2005: 134-150.
2Sharif M, Lanzi A, Giffin J, et al. Automatic reverse engineering of Malware emulators // The 2009 IEEE Symposium on Security and Privacy. Oakland: IEEE, 2009:94-109.
3Wang Tielei, Wei Tao, Gu Guofei, et al. Taintscope: a checksum-aware directed fuzzing tool for auto- maticsoftware vulnerability detection // Proceedings of the 31 st IEEE Symposium on Security and Privacy. Oakland: IEEE, 2010:497-512.
4Caballero J, Yin H, Liang Z, et al. Polyglot: automatic extraction of protocol message format using dynamic binary analysis// 14th ACM Conference on Computer and Communications Security. New York: ACM, 2007:317-329.
5Cui W, Peinado M, Chen K, et al. Tupni: automaticreverse engineering of input formats // Proceedings of the 15th ACM Conference on Computer and Communications Security. New York: ACM, 2008:391-402.
6Sharif M, Lanzi A, Giffin J, et al. Panorama: capturing system-wide information flow for malware detection and analysis // Proceedings of the 14th ACMConference on Computer and Communications Security. New York: ACM, 2007:116-127.
7Minato S. Zero-suppressed BDDs and their applic- ations. International Journal on Software Tools for Technology Transfer, 2001, 3:156-170.
8Denning D E. A lattice model of secure information flow. Commun ACM, 1976, 19:236-243.
9Suh G E, Lee J W, Zhang D, et al. Secure program execution via dynamic information flow tracking. SIGPLAN Not, 2004, 39:85-96.
10Clause J, Li W, Orso A. Dytan: a generic dynamic taint analysis framework // Proceedings of International Symposium on Software Testing and Analysis. New York: ACM, 2007:196-206.

同被引文献54

1Bekrar S, Bekrar C, Groz R, et al. A taint based approach for smart fuzzing [C]//Proc 5th IEEE International Conference on Software Testing, Verification and Validation. Piscatway N J: IEEE Press, 2012: 818-825.
2Newsome J, Song D. Dynamic taint analysis for automatic detection, analysis, and signature Generation of exploits on commodity software [EB/OL]. [2015-09-10]. http://reposi- tory.cmu.edu/cgiA, iewcontent.cgi?article= l O42& context=ece.
3Clause J, Li W, Orso A. Dytan: A generic dynamic taint analysis framework [C] //Proc 2007 International Sympo- sium on Software Testing and Analysis. New York: ACM Press, 2007: 196-206.
4Song D, Brumley D, Yin H, et al. Information Systems Secu- rity [M]. Berlin: Springer-Verlag Press, 2008.
5Ganesh V, Leek T, Rinard M. Taint-based directed whitebox fuzzing [C]//Proc of the 31st International Conference on Software Engineering. Washington: IEEE Press, 2009: 474-484.
6Sutton M, Greene A, Amini P. Fuzzing: Brute Force Vul- nerability Discovery [M]. Upper Saddle River: Addison- Wesley Professional Press, 2007.
7Pak B S. Hybrid Fuzz Testing: Discovering Software Bugs via Fuzzing and Symbolic Execution [D]. Pittsburgh: Carne- gie Mellon University, 2012.
8Caca labs. Zzuf [EB/OL]. [2015-09-10] . http://caca.zoy.org/ wiki/zzuf.
9Fitblip. Sulley [EB/OL]. [2015-09-10]. http://github.com/ OpenR CE/sulley.
10Cai J, ZOU P, He J, et al. A smart fuzzing approach for in- teger overflow detection [J]. Information Technology in In- dustry, 2014, 2(3): 98-103.

引证文献4

1崔化良,兰芸,崔宝江.动态污点分析技术在ActiveX控件漏洞挖掘上的应用[J].信息网络安全,2013(12):16-19. 被引量：2
2CAI Jun,ZOU Peng,MA Jinxin,HE Jun.SwordDTA： A Dynamic Taint Analysis Tool for Software Vulnerability Detection[J].Wuhan University Journal of Natural Sciences,2016,21(1):10-20. 被引量：4
3曾杰,魏强,曹琰,王清贤.基于Hash缓存的细粒度污点分析优化方法[J].信息工程大学学报,2017,18(5):607-612. 被引量：1
4董国良,臧洌,李航,甘露,郭咏科.基于污点分析的二进制程序漏洞检测[J].计算机技术与发展,2018,28(3):137-142. 被引量：3

二级引证文献10

1王夏菁,胡昌振,马锐,高欣竺.二进制程序漏洞挖掘关键技术研究综述[J].信息网络安全,2017(8):1-13. 被引量：14
2赵健,王瑞,李思其.基于污点分析的智能家居漏洞挖掘技术研究[J].信息网络安全,2018(6):36-44. 被引量：4
3文伟平,李经纬,焦英楠,李海林.一种基于随机探测算法和信息聚合的漏洞检测方法[J].信息网络安全,2019(1):1-7. 被引量：5
4邓其贵,韦彬贵.基于污点分析的工控系统漏洞挖掘技术研究[J].大众科技,2019,21(4):5-7. 被引量：1
5代培武,潘祖烈,施凡.面向漏洞类型的Crash分类研究[J].计算机工程与应用,2020,56(13):124-130. 被引量：1
6郭帆,范威威.面向Java EE程序的SQLIA漏洞分析和验证方法[J].计算机科学与探索,2021,15(2):270-283. 被引量：11
7梁威,洪倩.基于代码重写的动态污点分析[J].信息技术与网络安全,2022,41(2):33-38.
8潘海泽,李根,陈怡西,罗振华,韩建强.基于SEM-IPA的地铁盾构隧道施工安全脆弱性关键影响因素研究[J].隧道建设（中英文）,2023,43(6):936-947. 被引量：3
9刘志勇,吴东升.面向安全检测的污点分析技术研究综述[J].网络安全技术与应用,2023(12):18-21.
10郑炜,许晴晴,李奇,陈翔,孙家泽.Tenda AX12路由器0-Day栈溢出漏洞挖掘方法[J].信息安全学报,2024,9(3):157-175.

1史大伟,石志刚,秦晓军.基于污点状态空间的脆弱性可疑点定位方法[J].计算机应用研究,2015,32(1):232-235.
2彭飞,武东英,刘胜利,肖达,王东霞.一种Cisco IOS内存溢出攻击检测方法[J].计算机应用研究,2016,33(6):1785-1790. 被引量：2
3张骏立,夏银水,厉琼莹.AXIG及其在双逻辑综合中的应用[J].无线通信技术,2016,25(2):29-34.
4张斌,李孟君,吴波,唐朝京.基于动态污点分析的二进制程序导向性模糊测试方法[J].现代电子技术,2014,37(19):89-94. 被引量：2
5白金山,黄贻望,罗坤杰.一种建立二元判断图ROBD(D的算法)[J].科技咨询导报,2007(27):141-142.
6李红燕,高飞.基于ROBDD的布尔函数同构判定算法研究[J].计算机工程与设计,2011,32(6):1938-1941.
7钱俊彦,赵岭忠,古天龙.一种基于自动机理论的LTL检验符号优化方法[J].计算机工程,2005,31(23):20-21.
8陈衍铃,赵静.基于虚拟化技术的动态污点分析[J].计算机应用,2011,31(9):2367-2372. 被引量：4
9刘豫,聂眉宁,苏璞睿,冯登国.基于可回溯动态污点分析的攻击特征生成方法[J].通信学报,2012,33(5):21-28. 被引量：6
10廖明华.安卓应用程序误用用户信息的监测与控制[J].计算机系统应用,2014,23(6):215-219.

北京大学学报（自然科学版）

2011年第6期

浏览历史

内容加载中请稍等...

基于roBDD的细颗粒度动态污点分析(英文) 被引量：4

参考文献18

同被引文献54

引证文献4

二级引证文献10

相关作者

相关机构

相关主题

浏览历史