Institutional Repository
| a practical covert channel identification approach in source code based on directed information flow graph | |
| Wu JingZheng; Ding Liping; Wang Yongji; Han Wei | |
| 2011 | |
| 会议名称 | 2011 5th International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2011 |
| 会议录名称 | Proceedings - 2011 5th International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2011 |
| 页码 | 98-107 |
| 会议日期 | 27-Jun-02 |
| 会议地点 | Jeju Island, Korea, Republic of |
| 收录类别 | EI |
| 出版地 | United States |
| ISBN | 9780769544533 |
| 部门归属 | (1) National Engineering Research Center for Fundamental Software, Institute of Software, China; (2) State Key Laboratory of Computer Science, Institute of Software, China; (3) Graduate School, Chinese Academy of Science, Beijing, China |
| 摘要 | Covert channel analysis is an important requirement when building secure information systems and identification is the most difficult task. Although some approaches were presented they are either experimental or constrained to some particular systems. This paper presents a practical approach based on directed information flow graph taking advantage of the source code analysis. The approach divides the whole system into serval independent modules and analyzes them respectively. All the shared variables and their caller functions are found out from the source codes and modeled into directed information flow graphs. When the information flow branches are visible and modifiable to the external interface a potential covert channel exists. Contributions made in this paper are as follows a modularized analysis scheme is proved and reduces the workloads of identifying a directed information flow graph algorithm is presented and used to model the covert channels more than 30 covert channels have been identified in Linux kernel source code using this scheme and a typical channel scenario is constructed. © 2011 IEEE. |
| 关键词 | Algorithms Building Codes Computer Operating Systems Computer Programming Languages Graphic Methods Software Reliability |
| 主办者 | Korea Software Engineering Society |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/14377 |
| 专题 | 互联网软件技术实验室 |
| 推荐引用方式 GB/T 7714 | Wu JingZheng,Ding Liping,Wang Yongji,et al. a practical covert channel identification approach in source code based on directed information flow graph[C]. United States,2011:98-107. |
| 条目包含的文件 | ||||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| a practical covert c(204KB) | 开放获取 | -- | 请求全文 | |||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论