[1] DONG Guo-liang, ZANG Lie, LI Hang, et al. Vulnerability Detection of Binary Program Based on Dynamic Taint Analysis[J]. Computer Technology and Development, 2018, 28(03): 137-142. [doi:10.3969/j.issn.1673-629X.2018.03.029]

Vulnerability Detection of Binary Programs Based on Taint Analysis

Computer Technology and Development [ISSN:1006-6977/CN:61-1281/TN]

Volume:
28
Issue:
2018, No. 03
Pages:
137-142
Column:
Security and Prevention
Publication date:
2018-03-10

Article Info

Title:
Vulnerability Detection of Binary Program Based on Dynamic Taint Analysis
Article ID:
1673-629X(2018)03-0137-06
Author(s):
DONG Guo-liang 1,2, ZANG Lie 1, LI Hang 1, GAN Lu 1, GUO Yong-ke 1
1. School of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211106, China;
2. Jiangnan Institute of Computing Technology, Wuxi 214083, China
Keywords:
dynamic taint analysis; vulnerability detection; taint mark; taint propagation; taint detection
Classification number:
TP311
DOI:
10.3969/j.issn.1673-629X.2018.03.029
Document code:
A
Abstract:
To address the accuracy problems caused by under-tainting and over-tainting in existing dynamic taint analysis platforms, we study and implement a dynamic taint analysis method for binary programs. The method improves the accuracy of existing taint analysis techniques in three areas: taint marking, taint propagation and taint detection. We extend the state space of taint marks and the behavior entities of taint-propagation state transitions, and analyze and classify X86 architecture instructions according to their characteristics. We design a taint propagation strategy that covers both data-flow and control-flow propagation, add taint propagation rules for indirect taint, potential vulnerabilities and taint removal, define new taint detection security rules with corresponding handling, and refine the taint detection processing method. Based on these methods we implement an improved dynamic taint analysis prototype system, ODDTA. Experiments on the prototype show that the method effectively resolves the false negatives and false positives of existing taint analysis platforms and improves the accuracy and execution efficiency of taint analysis.


Last Update: 2018-04-26