
Article Information

  • Title: Constructing a Hybrid Taint Analysis Framework for Diagnosing Attacks on Binary Programs
  • Authors: Zhu, Erzhou ; Li, Xuejun ; Liu, Feng
  • Journal: Journal of Computers
  • Print ISSN: 1796-203X
  • Year of publication: 2014
  • Volume: 9
  • Issue: 3
  • Pages: 566-575
  • DOI: 10.4304/jcp.9.3.566-575
  • Language: English
  • Publisher: Academy Publisher
  • Abstract: For the purpose of discovering security flaws in software, many dynamic and static taint analyzing techniques have been proposed. By analyzing information flow at runtime, dynamic taint analysis can precisely find security flaws of software. However, on one hand, it suffers from substantial runtime overhead and is incapable of discovering the potential threats. On the other hand, static taint analysis analyzes program’s code without actually executing it which incurs no runtime overhead, and can cover all the code, but it is often not accurate enough. In addition, since the source code of most software is hard to acquire and intruders simply do not attach target program’s source code in practice, software flaw tracking becomes rather complicated. In order to cope with these issues, this paper proposes HYBit, a novel hybrid framework which integrates dynamic and static taint analysis to diagnose the flaws or vulnerabilities for binary programs. In the framework, the source binary is first analyzed by the dynamic taint analyzer. Then, with the runtime information provided by its dynamic counterpart, the static taint analyzer can process the unexecuted part of the target program easily. Furthermore, a taint behavior filtration mechanism is proposed to optimize the performance of the framework. We evaluate our framework from three perspectives: efficiency, coverage, and effectiveness. The results are encouraging.
  • Keywords: Binary Taint Analysis; Dynamic Analysis; Static Analysis; Software Vulnerability; Security