Memory-related Vulnerabilities Localization Technology Based on Dynamic Tainting

Cited by: 4
Abstract: To address program vulnerabilities, this paper proposes an efficient mechanism that uses binary-level taint analysis and program analysis techniques to detect malicious attacks and locate program vulnerabilities. The method combines data dependency (data flow) analysis with dynamic tainting: it records each write instruction that propagates the taint flag, together with the destination memory address it writes to. When an attack is detected, it locates the vulnerability by using the recorded memory address to find the malicious write instruction. Experimental results show that the method successfully locates common memory vulnerabilities and can also locate the call site of a vulnerable library function.
Source: Computer Engineering (《计算机工程》; CAS, CSCD, Peking University Core), 2010, No. 7, pp. 139-141, 3 pages
Funding: National Natural Science Foundation of China (60773171); National "863" Program (2007AA01Z448); Natural Science Foundation of Jiangsu Province (BK2007136)
Keywords: program vulnerability; attack detection; program tainting; buffer overflow; format string

References (6)

  • 1. Su Peng, Chen Xingyuan, Tang Huilin, Zhu Ning. Detection of Buffer Overflow Attack Effects Based on Process Execution Profile[J]. Computer Engineering, 2009, 35(6): 156-158. (Cited by: 1)
  • 2. Newsome J, Song D. Dynamic Taint Analysis for Automatic Detection, Analysis and Signature Generation of Exploits on Commodity Software[C]//Proc. of the 12th Network and Distributed System Security Symposium. San Diego, USA: [s. n.], 2005.
  • 3. Chen Shuo, Xu Jun, Nakka N. Defeating Memory Corruption Attacks via Pointer Taintedness Detection[C]//Proc. of IEEE International Conference on Dependable Systems and Networks. Yokohama, Japan: IEEE Computer Society, 2005: 378-387.
  • 4. Xu Jun, Ning Peng, Kil C. Automatic Diagnosis and Response to Memory Corruption Vulnerabilities[C]//Proc. of the 12th ACM Conference on Computer and Communications Security. Alexandria, USA: ACM Press, 2005: 223-234.
  • 5. Sezer E C, Ning Peng, Kil C. MemSherlock: An Automated Debugger for Memory Corruption Vulnerabilities[C]//Proc. of the 14th ACM Conference on Computer and Communication Security. Alexandria, USA: ACM Press, 2007: 562-572.
  • 6. Satoshi K, Hiroyuki K, Ryota S. Base Address Recognition with Data Flow Tracking for Injection Attack Detection[C]//Proc. of the 12th IEEE Pacific Rim Intl. Symposium on Dependable Computing. Riverside, USA: IEEE Computer Society, 2006: 165-172.
