Institutional Repository of the Institute of Software, Chinese Academy of Sciences
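Title:
A Static Analysis Method for TOCTTOU Vulnerabilities in Unix-like File Systems (类Unix文件系统中TOCTTOU缺陷的静态分析方法)
Authors: Han Wei (韩伟); He Yeping (贺也平)
Keywords: TOCTTOU vulnerability; file race condition; static analysis; flow-sensitive analysis; path-sensitive analysis; C (programming language); UNIX
Journal: Journal of Computer Research and Development (计算机研究与发展)
Publication date: 2011
Volume: 48, Issue: 8, Pages: 1430-1437
Affiliation: National Engineering Research Center for Fundamental Software (Institute of Software, Chinese Academy of Sciences); Graduate University of Chinese Academy of Sciences; School of Information Science and Technology, Shijiazhuang Tiedao University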
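Abstract: TOCTTOU vulnerabilities in file systems are a serious security problem for Unix-like operating systems, and existing static detection methods have a very high false positive rate. There are two reasons: first, the function pairs that lead to TOCTTOU vulnerabilities lack precise definition and analysis; second, the analysis is overly abstract and ignores much important program information. Therefore, this paper first classifies TOCTTOU vulnerabilities and systematically analyzes the function pairs in the C standard library that can lead to them. On this basis, it proposes a static analysis method for TOCTTOU vulnerabilities that uses finite-state safety properties to characterize the vulnerabilities and achieves intra-procedural path-sensitive and inter-procedural flow-sensitive precision. Experimental results show that the method can effectively detect TOCTTOU vulnerabilities in C programs and, compared with existing methods, effectively reduces the false positive rate.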
English abstract: TOCTTOU is a serious threat to Unix-style file systems. All the existing static detection methods have a high false positive rate. There are two reasons: firstly, the function pairs which may cause TOCTTOU vulnerabilities are not defined and enumerated accurately; and secondly, the methods make an over-approximation of the program and omit a lot of useful information. In this paper, we first systematically examine the TOCTTOU pairs in the standard C library. On this basis, a static analysis method is presented to detect TOCTTOU vulnerabilities. A vulnerability is expressed as a finite-state safety property. At each program point, a value is associated with a set of states. To make the analysis more precise, the algorithm is inter-procedurally flow sensitive and intra-procedurally path sensitive. To achieve scalability, the safety state property of each procedure is analyzed independently and the inter-procedural analysis is summary based. The experimental results show that this method can effectively find TOCTTOU vulnerabilities in C programs. In comparison with other static methods, this method can effectively reduce the false positive rate.
Language: Chinese
Content type: Journal article
URI: http://ir.iscas.ac.cn/handle/311060/13851
Appears in Collections: National Engineering Research Center for Fundamental Software_Journal Articles

Files in This Item:
File Name/ File Size Content Type Version Access License
类Unix文件系统中TOCTTOU缺陷的静态分析方法.pdf (1036KB) -- -- Restricted access -- Contact to obtain the full text

Recommended Citation:
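Han Wei, He Yeping. A Static Analysis Method for TOCTTOU Vulnerabilities in Unix-like File Systems [J]. Journal of Computer Research and Development, 2011-01-01, 48(8):1430-1437.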
Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.