A Taint Analysis Method Based on Taint Invariant Set
A taint analysis and taint technology, applied in the field of computer software security testing, can solve problems such as low applicability, no support for data processing, difficult application of taint analysis technology, etc., and achieve the effect of reducing false alarm rate and low resource consumption.
Active Publication Date: 2016-06-22
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF1 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Lam and Chiueh proposed a method based on taint marking and tracking to monitor code. This method has two disadvantages: one is low applicability, because the code needs to be recompiled; the other is that the taint analysis is not comprehensive, mainly because it does not support control flow. data processing
It can even be said that the taint analysis technology with a high false positive rate is difficult to apply in practice
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0066] Step 1: Obtain the original taint data original_set through the traditional taint analysis method. Among them, the traditional taint analysis method is to mark common taint sources, taking disk files as an example. Insert operating system functions through the API provided by Pin, such as: open, read, mmap, etc., because operations on disk files generally use these functions. It should be noted that different operating systems require different functions that require instrumentation. Taking Windows as an example, the functions that require instrumentation are OpenFile, ReadFile, and so on.
[0067] Step 2: Obtain the taint invariant set invariable_set.
[0068] Step 2.1: Execute the program p whose input is input, and obtain the set var_set of all variables and their values, where input refers to the set of assignments to externally accepted inputs;
[0069] Step 2.2: Initialize the number of cycles to 0;
[0070] Step 2.3: When the number of cycles is less than the ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
A taint analyzing method based on a taint invariable set includes the following steps of firstly, obtaining original taint data original_set through the taint analyzing method; secondly, obtaining a taint invariable set invariable_set; thirdly, obtaining a final taint data taint_set, wherein the final taint data taint_set is equal to the difference between the original taint data original_set and the taint invariable set invariable_set; fourthly, setting up a taint data structure; fifthly, tracking taint spreading, and putting forward a light-weight taint spreading tracking method; sixthly, tracking a taint pointer, wherein in order to track the taint pointer, the target operation number is marked with taints as well when the addresses of indirection addressing or registers are taint data; seventhly, setting a bug detection rule, directly conducting pile insertion on a memory function, and detecting whether function parameters are marked with taints or not before the memory function is called, wherein the bug of the memory function is detected if yes.
Description
technical field [0001] The taint analysis method based on the taint invariant set proposed by the invention is used to solve the problem of high false alarm rate in traditional taint analysis, and belongs to the field of computer software safety testing. Background technique [0002] Code auditing, software verification and software testing are all key technologies to ensure software reliability and security, and software testing is the most common technology to verify software quality. The demand for high-quality software products makes software testing play an increasingly important role in the software development cycle. Recent surveys show that software testing has increased from 50% to 80% of software development costs. Taint analysis technology was proposed in 1998 and became a research hotspot after 2005 because of its multiple advantages and broad application prospects, including: software protection, software defect discovery and software defect analysis, etc. [...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36
Inventor 牛伟纳张小松赖特陈瑞东王东陈厅冀风宇李杰
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA