| 基于可回溯动态污点分析的攻击特征生成方法 |
| 其他题名 | attack signature generation by traceable dynamic taint analysis
|
| 刘豫; 聂眉宁; 苏璞睿; 冯登国
|
| 2012
|
| 发表期刊 | 通信学报
 |
| ISSN | 1000-436X
|
| 卷号 | 33期号:5页码:21-28 |
| 摘要 | 现有黑盒或白盒的攻击特征生成方法面临样本采集困难、自动化程度较低、依赖源代码等问题。为此提出了一种基于可回溯动态污点分析的攻击特征生成方法,通过监控进程动态执行流程,提取与攻击输入相关的操作序列和约束条件,重建特征执行环境并添加判定语句,生成图灵机式的攻击特征。构造原型系统并进行测试的结果表明该方法能快速生成简洁高效的攻击特征。 |
| 收录类别 | CNKI
; CSCD
; EI
|
| 其他摘要 | Most of known attack signature generation systems took either black-box method or white-box method,both of which were limited in several aspects,such as costing a long time to capture sufficient samples,demanding arduous manual analysis and requiring source code of the vulnerable program.An attack signature generation method based on an innovative traceable dynamic taint analysis framework was proposed.By monitoring the vulnerable process execution,the executing trace and the constrain conditions exactly related to input data exploiting the vulnerability was extracted.Finally,by restoring the execution context and supplementing the determinant statements an executable Turing machine signature was attained.A prototype system was implemented and evaluated with different attack samples,which proved that the proposed method was able to generate accurate attack signature fast. |
| 关键词 | 恶意代码
攻击特征生成
动态污点分析
攻击路径
|
| 部门归属 | 中国科学院软件研究所信息安全国家重点实验室;
|
| 学科领域 | Computer Science (Provided By Thomson Reuters)
|
| 资助者 | 国家自然科学基金资助项目(61073179,60703076)|中国科学院知识创新工程基金资助项目
|
| 语种 | 中文
|
| CSCD记录号 | CSCD:4543632
|
| 内容类型 | 期刊论文
|
| URI标识 | http://ir.iscas.ac.cn/handle/311060/15375
|
| 专题 | 中国科学院软件研究所
|
推荐引用方式
GB/T 7714 |
刘豫,聂眉宁,苏璞睿,等. 基于可回溯动态污点分析的攻击特征生成方法[J]. 通信学报,2012,33(5):21-28.
|
| APA |
刘豫,聂眉宁,苏璞睿,&冯登国.(2012).基于可回溯动态污点分析的攻击特征生成方法.通信学报,33(5),21-28.
|
| MLA |
刘豫,et al."基于可回溯动态污点分析的攻击特征生成方法".通信学报 33.5(2012):21-28.
|
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论