Embedded variable-granularity control flow verification method and system based on probability prediction

A probabilistic prediction and granularity control technology, applied in the direction of instruments, electrical digital data processing, platform integrity maintenance, etc., can solve problems such as low operating cost, large cost, and insufficient security

Inactive Publication Date: 2019-09-24
INST OF INFORMATION ENG CAS
View PDF6 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The former verification scheme will check all control flow transfer instructions in the program, including branch instructions, function calls and return events. This kind of granular verification can guar

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Embedded variable-granularity control flow verification method and system based on probability prediction
  • Embedded variable-granularity control flow verification method and system based on probability prediction
  • Embedded variable-granularity control flow verification method and system based on probability prediction

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention is an embedded variable granularity control flow verification scheme based on probabilistic prediction. The scheme verifies the integrity of software on an embedded platform by combining two verification schemes of coarse and fine granularity. There is a relative balance between safeguards. The invention utilizes the remote attestation framework to effectively prove the integrity of the embedded device, and credibly calculates the hash value of the control flow graph based on the TrustZone hardware isolation technology. The invention has the characteristics of high security, low running overhead, variable granularity of control flow and the like.

[0037] In order to make the purpose, advantages and technical solutions of the present invention clearer, the present invention will be further described in detail below through specific implementation and in conjunction with the accompanying drawings.

[0038] figure 1 Describes the overall architectu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an embedded variable-granularity control flow verification method and system based on probability prediction. The embedded variable-granularity control flow verification method is divided into a verification end and a certification end. The method comprise: constructing a trusted path feature set, carrying out vulnerability probability prediction on each function in the target source program, carrying out coarse-fine granularity instrumentation preprocessing on the functions, obtaining all possible dynamic control flow graphs of the target program by using different inputs in a verification end, and replacing and storing the control flow graphs in a database by using Hash values; collecting a dynamic path, the proving end running the processed target program after receiving the request sent by the verification end, and calculating the hash value of the control flow graph in the security world and signing; when the dynamic path is checked, the proving end sending a signature to the verifying end, the verifying end matching a Hash value obtained by decrypting the signature in a database, if the Hash value can be matched, the control flow running at the time being complete, and otherwise, the integrity of the control flow being damaged.

Description

technical field [0001] The invention relates to a method system and method for verifying the integrity of software control flow on an embedded platform, and belongs to the field of dynamic measurement for key applications of embedded terminals. Background technique [0002] With the rapid development of embedded devices, especially the emergence of the Internet of Things (IoT), the integrity protection of key applications of embedded terminals has received increasing attention, and various integrity protection models and implementation methods have been proposed accordingly. . During the running of systems and applications, attackers can use various means to attack the systems or applications and destroy the integrity of these software. For example, Control-Flow Attack is one of the attack means, which is very common and can cause a relatively large threat. A control flow attack affects the runtime behavior of a program by hijacking the control flow of the program to an ar...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56
CPCG06F21/563G06F21/565G06F21/566
Inventor 霍冬冬胡建行李宇田琛王瑜王雅哲
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap