Dynamic binary analyzer for scanning vulnerabilities with taint analysis
  • Authors: Young-Hyun Choi (1)
    Min-Woo Park (1)
    Jung-Ho Eom (2)
    Tai-Myoung Chung (3)

    1. Department of Electrical and Computer Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, South Korea
    2. Military Studies, Daejeon University, 62 Daehakro, Dong-Gu, Daejeon, South Korea
    3. Department of Software, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, South Korea
  • Keywords: Binary analysis; Taint analysis; Dynamic analysis; Vulnerability
  • Journal: Multimedia Tools and Applications
  • Publication year: 2015
  • Publication date: April 2015
  • Year: 2015
  • Volume: 74
  • Issue: 7
  • Pages: 2301-2320
  • Full-text size: 4,568 KB
  • Journal category: Computer Science
  • Journal subjects: Multimedia Information Systems
    Computer Communication Networks
    Data Structures, Cryptology and Information Theory
    Special Purpose and Application-Based Systems
  • Publisher: Springer Netherlands
  • ISSN: 1573-7721
Abstract
In this paper, we present an overview of a dynamic binary analyzer that scans for vulnerabilities by performing taint analysis. People have traditionally relied on security programs based on pattern matching, such as anti-virus and anti-spyware, to protect their computers from malicious code. These security programs, however, cannot completely detect malicious behavior that attacks through an unknown vulnerability, and they struggle to protect against attacks using self-modifying code, which changes its own code during runtime. To prevent these security risks, we develop a dynamic binary analyzer that can find these unknown vulnerabilities and self-modifying code. We adopt taint analysis to find vulnerabilities that transpire during runtime. Taint analysis also lets us check what effects the input data has had on programs and how they spread across the resources in an operating system. Adopting dynamic analysis, which runs and analyzes the system only in a virtual machine environment through an emulator, lets us detect falsification of program code while the program is running. We describe the framework of our analyzer and then explain the execution process and the output of each process using three test case demonstrations. Furthermore, we introduce several test cases of security vulnerabilities for the demonstration and explain the results of the proposed analyzer on these test cases. The dynamic binary analyzer for scanning vulnerabilities with taint analysis (1) can find existing security vulnerabilities in a binary file, (2) can monitor all the actions of the binary file that affect the operating system and (3) can be an expandable tool through additional security elements and policies.
