期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于域敏感指针分析的细粒度数据随机化技术 被引量:1

Fine-grained data randomization technique based on field-sensitive pointer analysis
下载PDF
导出
摘要 针对传统的数据随机化技术静态分析精度不高的问题,提出一种基于域敏感指针分析算法的细粒度数据随机化技术。在静态分析过程中,首先对中间表示进行语法抽象,得到形式化的语言表示;然后建立非标准类型系统,描述变量之间的指向关系;最后按照类型规则进行类型推断并求解,得到域敏感的指向关系。根据指向关系对数据进行随机化加密,得到经过随机化的可执行程序。实验数据表明,基于域敏感指针分析的数据随机化技术与传统的数据随机化技术相比,分析精度显著提高;处理时间开销平均增加了2%,但运行时间开销平均减少了3%。所提技术利用域敏感的指针分析,给程序带来更少的执行开销,并能够更好地提高程序的防御能力。 Concerning the low precision of static analysis in the traditional data randomization techniques,a Fine-Grained Data Randomization( FGDR) technique based on field-sensitive pointer analysis was proposed. During the static analysis,firstly,the syntax of the intermediate representation was abstracted to obtain the formal statement representation. Then,a nonstandard type inference system was established to describe points-to relationship between the variables. Finally,field-sensitive points-to relationship was solved by implementing type inference based on type rules. Based on the point-to relationship,the intermediate representation was randomizationly encrypted and translated to the randomized executable program. The experimental results indicate that,compared with the existing data randomization techniques,the proposed data randomization technique based on field-sensitive pointer analysis improved the precision of analysis. The processing time of the proposed technique was increased 2% while the run-time was decreased 3% on average. The proposed technique brings less overhead to the executable program and can effectively increase the defense ability with the field-sensitive pointer analysis algorithm.
作者 蔄羽佳 尹青 朱晓东
机构地区 信息工程大学
出处 《计算机应用》 CSCD 北大核心 2016年第6期1567-1572,共6页 journal of Computer Applications
关键词 随机化 指针分析 域敏感 注入型攻击 randomization pointer analysis field-sensitive injection attack
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献12

  • 1PORTOKAL1DIS G, KEROMYTIS A D. Fast and practical instruc- tion-set randomization for commodity systems [ C]// Proceedings of the 26th Annual Computer Security Applications Conference. New York: ACM, 2010:41-48.
  • 2JAJODIA S, GHOSH A K, SWARUP V, et al. Moving target de- fense: creating asymmetric uncertainty for cyber threats [ M]. Berlin: Springer, 2011:49-76.
  • 3GIUFFRIDA C, KUIJSTEN A, TANENBAUM A S. Enhanced oper- ating system security through efficient and fine-grained address space randomization[ C]// Security'12: Proceedings of the 21st USENIX Conference on Security Symposium. Berkeley: USENIX Associa- tion, 2012: 40.
  • 4LI L X, JUST J E, SEKAR R. Address-space randomization for windows systems [ C]// ACSAC'06: Proceedings of the 2006 22nd Annual Computer Security Applications Conference. Piscataway, NJ: 1EEE, 2006:329-338.
  • 5BHATKAR S, SEKAR R. Data space randomization [ C]//DIMVA 2008: Proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, LNCS 5137. Berlin: Springer, 2008:1-22.
  • 6CADAR C, AKRITIDIS P, COSTA M, et al. Data randomization [ EB/OL]. [ 2015-10-18]. http://research, microsoft, corrt/en-us/ um/people/mcastro/publications/tr-2008-120, pdf.
  • 7SRIDHARAN M, CHANDRA S, DOLBY J, et al. Alias analysis for object-oriented programs [ M]// Aliasing in Object-Oriented Pro- gramming. Berlin: Springer, 2013:196-232.
  • 8NASRE R, GOVINDARAJAN R. Prioritizing constraint evaluation for efficient points-to analysis [ C ]// Proceedings of the 9th Annual IEEE/ACM International Symposium on Code Generation and Optimi- zation. Washington, DC: IEEE Computer Society, 2011:267-276.
  • 9DAS M. Unification-based pointer analysis with directional assign- ments [ C]//PLD1 2000: Proceedings of the ACM SIGPLAN 2000 Conference on Programming Language Design and Implementation ACM Sigplan Notice. New York: ACM, 2000:35-46.
  • 10STEENSGAARD B. Points-to analysis by type inference of programs with structures mad unions [ C]//CC'96: Proceedings of the 6th In- ternational Conference on Compiler Construction, LNCS 1060. Ber- lin: Springer, 1996: 136-150.

二级参考文献12

  • 1Ghiya R, Lavery D, Sehr D. On the importance of points-to analysis and other memory disambiguation methods for C programs//Proeeedings of the ACM SIGPLAN 2001 Conference on Programming Language Design and Implementation. Snowbird, Utah, United States, 2001:47-58.
  • 2Andersen L O. Program analysis and specialization for the C programming language [Ph. D. dissertation]. University of Copenhagen, DIKU, 1994.
  • 3Steensgaard B. Points-to analysis in almost linear time//Proceedings of the 23rd ACM SIGPLAN SIGACT Symposium on Principles of Programming Languages. St. Petersburg Beach, Florida, United States, 1996:32-41.
  • 4Hardekopf B, Lin C. The ant and the grasshopper: Fast and accurate pointer analysis for millions of lines of code//Proceedings of the 2007 ACM SIGPLAN Conference on Programming Language Design and Implementation. San Diego, California, USA, 2007:290-299.
  • 5Pearce D J, Kelly P H J, Hankin C. Efficient field-sensitive pointer analysis of C. ACM Transactions on Programming Languages and Systems (TOPLAS), 2007, 30(1) : 4.
  • 6Pereira F M Q, Berlin D. Wave propagation and deep propa- gation for pointer analysis//Proceedlngs of the 7th Annual IEEE/ACM International Symposium on Code Generation and Optimization. Seattle, WA, USA, 2009.. 126 135.
  • 7Steensgaard B. Points-to analysis by type inference of programs with structures and unions//Proceedings of the 6th International Conference on Compiler Construction. London. UK: Springer Verlag, 1996:136-150.
  • 8Das M. Unification-based pointer analysis with directional assignments//Proceedings of the ACM SIGPLAN 2000 Conference on Programming Language Design and Implementation. Vancouver, British Columbia, Canada, 2000:35-46.
  • 9Fahndrich M, Rehof J, Das M. Scalable context-sensitive flow analysis using instantiation constraints//Proceedings of the ACM SIGPLAN 2000 Conference on Programming Language Design and Implementation. Vancouver, British Columbia, Canada, 2000:253-263.
  • 10Yong S H, Horwitz S, Reps T. Pointer analysis for programs with structures and casting//Proceedings of the ACM SIGPLAN 1999 Conference on Programming Language Design and Implementation. Atlanta, Georgia, United States, 1999, 91-103.

共引文献10

同被引文献4

引证文献1

二级引证文献18

计算机应用
2016年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部