Dynamic taint analysis based on virtual technology

doi:10.3724/SP.J.1087.2011.02367

Journal of Computer Applications ›› 2011, Vol. 31 ›› Issue (09): 2367-2372.DOI: 10.3724/SP.J.1087.2011.02367

• Information security • Previous Articles Next Articles

Dynamic taint analysis based on virtual technology

CHEN Yan-ling¹,ZHAO Jing²

1. Department of Network, Electrical Engineering Institute, Hefei Anhui 230037, China
2. School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100083, China

Received:2011-01-25 Revised:2011-03-22 Online:2011-09-01 Published:2011-09-01
Contact: CHEN Yan-ling

基于虚拟化技术的动态污点分析

陈衍铃¹,赵静²

1. 电子工程学院网络系，合肥 230037
2. 北京理工大学计算机学院，北京 100083

通讯作者: 陈衍铃
作者简介:陈衍铃(1985-)，男，福建龙岩人，硕士研究生，主要研究方向：网络安全；
赵静(1985-)，男，安徽太和人，硕士研究生，主要研究方向：网络安全。

Abstract

Abstract: The record of the current taint analysis tool is not accurate. To solve this, dynamic taint analysis based on the virtual technology was studied and implemented. A virtualization based dynamic taint analysis framework was designed, and two kinds of taint signature models based on Hook technology and Hash-traversal technology were given respectively for memory taint and hard disk taint. A taint propagation strategy was put forward according to the instruction type which was classified by instruction encoding format of Inter&AMD, and a taint record strategy based on instruction filtering was given to solve the problem of redundant information records. The experimental results prove that the proposed method is effective, and can be well used in test case generation and vulnerability detection of fuzzy test.

Key words: fuzzy test, virtualization, taint analysis, vulnerability discovery, information security

摘要： 在现有的污点分析技术基础上，针对当前污点分析工具的记录不准确等缺陷，研究并实现了基于虚拟化技术的动态污点分析。结合虚拟化技术设计了动态污点分析框架，针对内存污点数据和硬盘污点数据分别设计了基于Hook技术的污点标记模型和Hash遍历的污点标记模型，依据Intel&AMD的指令编码格式对指令进行分类并依据指令类型设计污点传播策略，为解决信息记录冗余问题设计了基于指令筛选的污点记录策略。实验证明，该技术是有效的动态污点分析方法,可以很好地运用于模糊测试中的测试用例生成与漏洞检测。

关键词: 模糊测试, 虚拟化, 污点分析, 漏洞挖掘, 信息安全

CLC Number:

TP309.2

CHEN Yan-ling ZHAO Jing. Dynamic taint analysis based on virtual technology[J]. Journal of Computer Applications, 2011, 31(09): 2367-2372.

陈衍铃赵静. 基于虚拟化技术的动态污点分析[J]. 计算机应用, 2011, 31(09): 2367-2372.

[1]	Jinhui CAI, Zhongxu YIN, Guoxiao ZONG, Junru LI. Integrated method of inference and taint analysis for nested branch breakthrough [J]. Journal of Computer Applications, 2024, 44(12): 3823-3830.
[2]	Jihui LIU, Chengwan HE. Online detection of SQL injection attacks based on ECA rules and dynamic taint analysis [J]. Journal of Computer Applications, 2023, 43(5): 1534-1542.
[3]	Shaochen HAO, Zizuan WEI, Yao MA, Dan YU, Yongle CHEN. Network intrusion detection model based on efficient federated learning algorithm [J]. Journal of Computer Applications, 2023, 43(4): 1169-1175.
[4]	Haiyan HU, Qiaoyan KANG, Shuo ZHAO, Jianfeng WANG, Youbin FU. Service function chain deployment optimization method based on node comprehensive importance ranking [J]. Journal of Computer Applications, 2023, 43(3): 860-868.
[5]	Hongliang TIAN, Ping GE, Mingjie XIAN. Distribution network operation exception management mechanism based on blockchain [J]. Journal of Computer Applications, 2023, 43(11): 3504-3509.
[6]	Zexi WANG, Minqing ZHANG, Yan KE, Yongjun KONG. Reversible data hiding algorithm in encrypted domain based on secret image sharing [J]. Journal of Computer Applications, 2022, 42(5): 1480-1489.
[7]	MA Hua, CHEN Yuepeng, TANG Wensheng, LOU Xiaoping, HUANG Zhuoxuan. Survey of research progress on crowdsourcing task assignment for evaluation of workers’ ability [J]. Journal of Computer Applications, 2021, 41(8): 2232-2241.
[8]	Gang CHEN, Xiangru MENG, Qiaoyan KANG, Yong YANG. Virtual software defined network mapping algorithm based on topology segmentation and clustering analysis [J]. Journal of Computer Applications, 2021, 41(11): 3309-3318.
[9]	ZHAO Jihong, WU Doudou, QU Hua, YIN Zhenyu. Survivable virtual network embedding guarantee mechanism based on software defined network [J]. Journal of Computer Applications, 2020, 40(3): 770-776.
[10]	XU Yingxin, SUN Lei, ZHAO Jiancheng, GUO Songhui. Virtual field programmable gate array placement strategy based on ant colony optimization algorithm [J]. Journal of Computer Applications, 2020, 40(3): 747-752.
[11]	REN Yuzhu, ZHANG Youwei, AI Chengwei. Survey on taint analysis technology [J]. Journal of Computer Applications, 2019, 39(8): 2302-2309.
[12]	XIAO Kai, WANG Meng, TANG Xinyu, JIANG Tonghai. Public welfare time bank system based on blockchain technology [J]. Journal of Computer Applications, 2019, 39(7): 2156-2161.
[13]	LUO Xiaofeng, YANG Xingchun, HU Yong. Improved decision diagram for attribute-based access control policy evaluation and management [J]. Journal of Computer Applications, 2019, 39(12): 3569-3574.
[14]	CAO Zhenhuan, CAI Xiaohai, GU Menghe, GU Xiaozhuo, LI Xiaowei. Android permission management and control scheme based on access control list mechanism [J]. Journal of Computer Applications, 2019, 39(11): 3316-3322.
[15]	QIN Biao, GUO Fan, TU Fengtao. Correctness verification of static taint analysis results for Android application [J]. Journal of Computer Applications, 2019, 39(10): 3018-3027.

Dynamic taint analysis based on virtual technology

基于虚拟化技术的动态污点分析

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics