摘要
针对软件动态可信度量方法中准确性和效率较低的问题,提出了一种以编译器插桩获取软件行为轨迹的软件动态可信SDTBT模型。通过分析包含函数调用和基本块调用的C程序控制流,在GCC编译预处理过程中设计软件插桩算法,提取软件行为轨迹;模型运行时可选择基本块或函数调用作为动态可信验证的对象,提高了软件度量的灵活性和效率,同时降低了度量资源消耗。实验分析表明,该模型能够准确提取软件行为轨迹信息,有效检测基于控制流的攻击行为,相较于已有模型有较高的准确性和较低的时间消耗。
According to the problems of accuracy and efficiency during the software dynamic trust measurement, this paper presented a software dynamic trusted model based on behavior trace (SDTBT). Firstly, this model designed a software instru- mentation algorithm in the GCC preprocessor process. Then, it analyzed the C program control flows which contained function calls and basic block calls to collect the software behavior tracks. At runtime, the model could choose the basic block or the function call as the object of the dynamic credibility verification which improved the flexibility and efficiency of software measurement and reduced the resource consumption. The experiments show that the model can acquire the behavior trace information of the software accurately and detect attacks based on control flow effectively. Compared to other models, it has higher accuracy and lower time consumption.
出处
《计算机应用研究》
CSCD
北大核心
2017年第2期539-542,共4页
Application Research of Computers
基金
国家"863"计划资助项目(2009AA012201)
国家自然科学基金资助项目(61472447)
关键词
行为轨迹
行为监控
插桩
动态可信
行为度量
behavior trace
behavior monitor
instrumentation
dynamic trusted
behavior measurement
