基于ARM架构的信息流追踪系统的设计与实现-《计算机技术与发展》

文章信息/Info

Title:: Design and Implementation of an.Information Flow Tracking System Based on ARM Architecture

Author(s):: SHI Zu-qing; ZHANG Tao; WANG Jin-shuang; YAO Jin-kui; YUAN Zhi-jian; Institute of Command Automation, PLA University of Science and Technology

Keywords:: information flow tracking; ARM architecture; page table entry ; instruction layer; taint

摘要:: 当前,智能手机平台面临着众多的安全威胁。动态信息流追踪是一种能够检测缓冲区溢出等安全威胁的有效技术。文中分析了动态信息流追踪技术的基本原理,设计并实现了基于ARM架构的信息流追踪系统。该系统通过在页表项上扩展添加污点标记位来标识来自不可信数据源的数据,扩充ARM架构指令集,在指令层追踪数据的传播过程并相应地完成污点传播。当系统跳转到来自不可信数据源的内存段执行时,CPU将产生异常通知用户,根据系统安全策略决定是否允许该操作继续执行。研究表明该系统能够有效实现ARM架构智能平台的安全防护

Abstract:: At present,smartphone platform is facing numerous security threats. Dynamic information flow tracking （DIFT） is an effective technique for detecting buffer overflow. It analyzed the basic principle of DIFT, designed and implemented an information tracking system for the ARM architecture. A taint marking bit was added to the page table entry, which was used to indicate data coming from untrusted source. The ARM instruction set was expanded to track the taint propagation accompanied with the propagation of the data. CPU will throw exceptions when the system jumps to memory segments containing data from untrusted source,and enforce the access decision according to system security policy. Thus the system can be protected from attacks originated from buffer overflows etc