###
Journal of Software:2011.22(9):2036-2048

基于信息流策略的污点传播分析及动态验证
黄强,曾庆凯
(南京大学 计算机软件新技术国家重点实验室,江苏 南京 210093;南京大学 计算机科学与技术系,江苏 南京 210093;南京大学 计算机软件新技术国家重点实验室,江苏 南京 210093;南京大学 计算机科学与技术系,江苏 南京 210093;上海市信息安全综合管理技术研究重点实验室,上海 200240)
Taint Propagation Analysis and Dynamic Verification with Information Flow Policy
HUANG Qiang,ZENG Qing-Kai
(State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093, China;Department of Computer Science and Technology, Nanjing University, Nanjing 210093, China;State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093, China;Department of Computer Science and Technology, Nanjing University, Nanjing 210093, China;Shanghai Key Laboratory of Integrate Administration Technologies for Inf)
Abstract
Chart / table
Reference
Similar Articles
Article :Browse 3806   Download 5481
Received:January 04, 2010    Revised:March 03, 2010
> 中文摘要: 基于流和上下文敏感的SSA(static single assignment)信息流分析技术,提出了一种细粒度、可扩展的污点传播检测方法.利用控制流和数据流的相关信息,跟踪污染数据及其传播路径,可以检测缓冲区溢出、格式化串漏洞等程序脆弱性.分析过程在潜在问题点自动插装动态验证函数,在无需用户干预的情况下保证了程序的运行时安全.在GCC 编译器的基础上实现了分析系统,实验结果表明,该方法具有较高的精确度和时空效率.
Abstract:In this paper, based on a flow and context-sensitive SSA (static single assignment) information-flow analysis, a fine-grained and scalable approach is proposed for taint propagation analysis, which can not only track tainted data and its propagation path with control and data-flow properties, but also detect the vulnerabilities such as buffer overflow and format string bugs successfully. During the analysis, pieces of code considered vulnerable are instrumented with dynamic verification routines, so that runtime security is guaranteed in the absence of user intervention. The analysis system is implemented as an extension of GCC compiler, and the experiments have proven that this approach is efficient, holding both optimized accuracy and time-space cost.
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金(60773170, 60721002, 90818022, 61021062); 国家高技术研究发展计划(863)(2006AA01Z432);高等学校博士学科点专项科研基金(200802840002); 江苏省科技支撑计划(BE2010032); 上海市信息安全综合管理技术研究重点实验室开放课题(AGK2008003) 国家自然科学基金(60773170, 60721002, 90818022, 61021062); 国家高技术研究发展计划(863)(2006AA01Z432);高等学校博士学科点专项科研基金(200802840002); 江苏省科技支撑计划(BE2010032); 上海市信息安全综合管理技术研究重点实验室开放课题(AGK2008003)
Foundation items:
Reference text:

黄强,曾庆凯.基于信息流策略的污点传播分析及动态验证.软件学报,2011,22(9):2036-2048

HUANG Qiang,ZENG Qing-Kai.Taint Propagation Analysis and Dynamic Verification with Information Flow Policy.Journal of Software,2011,22(9):2036-2048