An embedded variable granularity control flow verification method and system based on probabilistic prediction

A technology of probabilistic prediction and granularity control, which is applied in the fields of instrumentation, computing, electrical and digital data processing, etc., and can solve the problems of insufficient security, low operation cost, and high cost.

Inactive Publication Date: 2021-04-20
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The former verification scheme will check all control flow transfer instructions in the program, including branch instructions, function calls and return events. This kind of granular verification can guarantee safety but will cause a large overhead
The latter has less running overhead, it only checks the call relationship between functions (that is, function call and return events), but it is not safe enough

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An embedded variable granularity control flow verification method and system based on probabilistic prediction
  • An embedded variable granularity control flow verification method and system based on probabilistic prediction
  • An embedded variable granularity control flow verification method and system based on probabilistic prediction

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The present invention is an embedded variable granularity control flow verification scheme based on probabilistic prediction. The scheme verifies the integrity of software on an embedded platform by combining two verification schemes of coarse and fine granularity. There is a relative balance between safeguards. The invention utilizes the remote attestation framework to effectively prove the integrity of the embedded device, and credibly calculates the hash value of the control flow graph based on the TrustZone hardware isolation technology. The invention has the characteristics of high security, low running overhead, variable granularity of control flow and the like.

[0037] In order to make the purpose, advantages and technical solutions of the present invention clearer, the present invention will be further described in detail below through specific implementation and in conjunction with the accompanying drawings.

[0038] figure 1 Describes the overall architectu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an embedded variable granularity control flow verification method and system based on probability prediction, which is divided into a verification end and a proof end. Build a trusted path feature set, predict the vulnerability probability of each function in the target source program, and then perform coarse-grained instrumentation preprocessing on the function, and then use different inputs to obtain all possible dynamic controls of the target program on the verification side Flow graphs, these control flow graphs are replaced by hash values ​​and stored in the database; the collection of dynamic paths, the proof end runs the processed target program after receiving the request sent by the verification end, and calculates this control in the secure world The hash value of the flow graph is signed; the verification of the dynamic path, the proof end sends the signature to the verification end, and the verification end matches the hash value obtained by decrypting the signature in the database. If it can match, it means that the control flow of this operation is complete, otherwise the control flow integrity is violated.

Description

technical field [0001] The invention relates to a method system and method for verifying the integrity of software control flow on an embedded platform, and belongs to the field of dynamic measurement for key applications of embedded terminals. Background technique [0002] With the rapid development of embedded devices, especially the emergence of the Internet of Things (IoT), the integrity protection of key applications of embedded terminals has received increasing attention, and various integrity protection models and implementation methods have been proposed accordingly. . During the running of systems and applications, attackers can use various means to attack the systems or applications and destroy the integrity of these software. For example, Control-Flow Attack is one of the attack means, which is very common and can cause a relatively large threat. A control flow attack affects the runtime behavior of a program by hijacking the control flow of the program to an ar...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/563G06F21/565G06F21/566
Inventor 霍冬冬胡建行李宇田琛王瑜王雅哲
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap