
Program Execution Path Tracing Based on Binary Dynamic Instrumentation (cited by: 1)

Program Execution Tracer based on Dynamic Binary Instrumentation
Abstract: Differences in system platform, compiler, and compilation options can all introduce semantic differences between a program's source code and the executable code compiled from it, so analyzing only the source code may miss vulnerabilities hidden in the executable code. Even when source code analysis has verified the required security properties, there is no guarantee that those properties are not violated in the executable code. Building on a dynamic binary instrumentation framework, this paper designs and implements a prototype system that traces program execution paths. Experiments show that the system traces execution paths accurately while filtering out 90% to 99% of secondary instructions, which greatly improves analysis efficiency. Finally, the paper discusses other technical approaches, the shortcomings of the current prototype system, and future work.

Source: 《信息安全与技术》, 2011, No. 9, pp. 41-46 (6 pages)

Keywords: executable program; path tracing; dynamic instrumentation; whole-system virtual machine
