19 similar documents found; search took 183 ms.
2.
Since its release, Android, thanks to its open-source nature, rich hardware ecosystem and diverse app markets, has become the most widely used mobile operating system in the world. At the same time, the explosive growth of Android devices and applications has made it the target of 96% of mobile malware. Among existing Android malware detection methods, those that ignore program semantics and directly extract simple program features are fast but not sufficiently accurate, while those that convert program semantics into graph models and apply graph analysis are accurate but costly and poorly scalable. To address these challenges, this paper extracts an application's program semantics as a function call graph and, while preserving the semantic information, uses an abstract-API technique to convert the call graph into an abstract graph, reducing runtime overhead and improving robustness. On the resulting abstract graphs, an obfuscation-resistant Android malware classifier based on a graph convolutional neural network, SriDroid, is trained with a triplet loss. Experiments on 20,246 Android applications show that SriDroid achieves a malware detection accuracy of 99.17% and exhibits good robustness.
Ensuring that a program is free of runtime errors is essential for guaranteeing software safety. Static analysis based on abstract interpretation abstracts program semantics and is one of the most suitable formal methods for verifying the absence of runtime errors. However, the abstraction of program semantics in abstract interpretation can lead to over-approximation, which produces false alarms and reduces analysis precision. Trace partitioning is therefore proposed: the program's control-flow graph is partitioned according to the program's traces, locally refining the static analysis and reducing the false alarms caused by over-approximation in abstract interpretation. Trace partitioning trades a reduction in local analysis efficiency for higher analysis precision.
5.
Code obfuscation can allow malicious code to evade detection by signature-matching malware detectors. Using abstract interpretation theory, this paper analyzes, from the perspective of program semantics, the ability of the semantics-based malware detection algorithm proposed by Gao Ying (高鹰) et al. to handle code obfuscation. On the basis of a formal description of the algorithm, an equivalent detector based on trace semantics is constructed; by proving the oracle soundness and oracle completeness of the trace-semantics detector with respect to obfuscation algorithms that preserve the variant relation, the oracle soundness and oracle completeness of Gao Ying et al.'s malware detection algorithm are established theoretically.
7.
Memory leak detection for heap-manipulating programs based on a local abstract representation of heap memory
Heap-manipulating programs allocate, merge and free heap memory flexibly through shared mutable data structures. Memory leak detection for such programs requires precise field-sensitive pointer alias information and becomes especially complex and hard to handle. To address this problem, a field-sensitive heap memory abstraction based on "pointer extension types" is proposed, which abstracts the shape relationships among pointer variables to support local reasoning about the heap. First, the operational semantics of the basic statements are defined; then, building on this abstraction, a new memory leak detection algorithm based on forward data-flow iteration is proposed. A prototype memory leak detection tool for C programs, Heapcheck, was implemented in the Crystal compiler framework; it supports memory leak detection on pointer-typed data fields inside complex data structures. Experimental results on typical C benchmark programs show that the method has advantages in both efficiency and precision over existing techniques.
8.
Traditional token-based clone detection methods exploit the serialized nature of code strings and can quickly detect clones in large code repositories. However, compared with methods based on abstract syntax trees (ASTs) and program dependence graphs (PDGs), they lack syntactic and semantic information, which makes it difficult to detect clones whose text differs substantially. To this end, a token-based clone detection method enriched with semantic information is proposed. First, the abstract syntax tree is analyzed and AST paths are used to abstract the semantic information of the tokens at the leaf nodes; then, a low-cost index is built on tokens that play the role of function names and type names, so that candidate clone fragments can be filtered quickly and effectively. Finally, the semantics-enriched tokens are used to judge the similarity between code blocks. Experimental results on the public large-scale dataset BigCloneBench show that the method significantly outperforms mainstream methods, including NiCad, Deckard and CCAligner, on Moderately Type-3 and Weakly Type-3/Type-4 clones with low textual similarity, while requiring less detection time on large code repositories.
10.
《计算机工程与科学》2017,(10):1837-1846
Android malware is numerous and highly harmful, and research on corresponding detection methods is a current research hotspot. Existing methods extract only syntactic or only semantic features in isolation, making it hard to characterize a malicious program's attack intent accurately. A detection method that jointly extracts syntactic and semantic features is proposed: the semantic features are sets of taint propagation paths based on class abstraction, combined with syntactic features such as permission declarations and Intent-Actions. After feature normalization, the K-means algorithm is applied to the training sample set to generate feature vectors for malware families, and Euclidean distance is used to measure the similarity between an unknown program and the feature vectors. A prototype system was implemented on FlowDroid, and analysis of 400 real programs shows that the method achieves high accuracy.
Ivana Filipović, Peter O'Hearn, Noah Torp-Smith, Hongseok Yang 《Formal Aspects of Computing》2010,22(5):547-583
Data refinement is a common approach to reasoning about programs, based on establishing that a concrete program indeed satisfies all the required properties imposed by an intended abstract pattern. Reasoning about programs in this setting becomes complex when use of pointers is assumed and, moreover, a well-known method for proving data refinement, namely the forward simulation method, becomes unsound in the presence of pointers. The reason for unsoundness is the failure of the "lifting theorem" for simulations: that a simulation between abstract and concrete modules can be lifted to all client programs. The result is that simulation does not imply that a concrete module can replace an abstract module in all contexts. Our diagnosis of this problem is that unsoundness is due to interference from the client programs. Rather than blame a module for the unsoundness of lifting simulations, our analysis places the blame on the client programs which cause the interference: when interference is not present, soundness is recovered. Technically, we present a novel instrumented semantics which is capable of detecting interference between a module and its client. With the use of special simulation relations, namely growing relations, and interpreting the simulation method using the instrumented semantics, we obtain a lifting theorem. We then show situations under which simulation does indeed imply refinement.
Nicoletta De Francesco, Luca Martini 《International Journal of Information Security》2007,6(2-3):85-106
We present a method based on abstract interpretation to check secure information flow in programs with dynamic structures where input and output channels are associated with security levels. In the concrete operational semantics each value is annotated by a security level dynamically taking into account both the explicit and the implicit information flows. We define a collecting semantics which associates with each program point the set of concrete states of the machine when the point is reached. The abstract domains are obtained from the concrete ones by keeping the security levels and forgetting the actual values. Using this framework, we define an abstract semantics, called instruction-level security typing, that allows us to certify a larger set of programs with respect to the typing approaches to check secure information flow. An efficient implementation is shown, operating a fixpoint iteration similar to that of the Java bytecode verification.
This work was partially supported by the Italian COFIN 2004 project "AIDA: Abstract Interpretation Design and Application".
《IEEE transactions on pattern analysis and machine intelligence》1983,(4):373-384
A system design method where the computer system is adapted to user semantics is described. In the method, user semantics are defined as abstract objects using special languages. Both user data semantics and user operations are defined. A translator converts the abstract definitions into internal machine storage representation and machine instructions. Users can then include the defined operations in user programs. Execution of the user operations transforms the internal state consistently with the definition of the operations.
In this paper we generalize the notion of compositional semantics to cope with transfinite reductions of a transition system. Standard denotational and predicate transformer semantics, even though compositional, provide inadequate models for some known program manipulation techniques. We are interested in the systematic design of extended compositional semantics, observing possible transfinite computations, i.e. computations that may occur after a given number of infinite loops. This generalization is necessary to deal with program manipulation techniques modifying the termination status of programs, such as program slicing. We include the transfinite generalization of semantics in the hierarchy developed in 1997 by P. Cousot, where semantics at different levels of abstraction are related with each other by abstract interpretation. We prove that a specular hierarchy of non-standard semantics modeling transfinite computations of programs can be specified in such a way that the standard hierarchy can be derived by abstract interpretation. We prove that non-standard transfinite denotational and predicate transformer semantics can be both systematically derived as solutions of simple abstract domain equations involving the basic operation of reduced power of abstract domains. This allows us to prove the optimality of these semantics, i.e. they are the most abstract semantics in the hierarchy which are compositional and observe respectively the terminating and initial states of transfinite computations, providing an adequate mathematical model for program manipulation.
《Information and Computation》2007,205(9):1334-1370
We propose a method to analyze secure information flow in stack-based assembly languages, communicating with the external environment by means of input and output channels. The method computes for each instruction a security level for each memory variable and stack element. Instruction-level security analysis is flow-sensitive and hence is more precise than other analyses, such as standard security typing. Instruction-level security analysis is specified in the framework of abstract interpretation. We define a concrete operational semantics which handles, in addition to execution aspects, the flow of information of the program. The basis of the approach is that each value is annotated by a security level and that the abstract domain is obtained from the concrete one by keeping the security levels and forgetting the actual values. Operand stacks are abstracted as fixed-length stacks of security levels. An abstract state is a map from instructions to abstract machine configurations, where values are substituted by security levels. The abstract semantics consists of a set of abstract rules manipulating abstract states. The instruction-level security typing can be performed by an efficient fixpoint iteration algorithm, similar to that used by bytecode verification.
Lunjin Lu 《Higher-Order and Symbolic Computation》2003,16(4):341-377
This paper presents an abstract semantics that uses information about execution paths to improve the precision of data flow analyses of logic programs. The abstract semantics is illustrated by abstracting execution paths using call strings of fixed length and the last transfer of control. Abstract domains that have been developed for logic program analyses can be used with the new abstract semantics without modification.
As the functionality of real-time embedded systems becomes increasingly complex, existing real-time system design methods such as hardware/software separation and hardware/software co-design can no longer meet the requirements of system implementation. Based on the core ideas of model-driven architecture (MDA) and model-integrated development (MIC), this paper combines time semantics with the Servant/Exe-Flow Model (SEFM) and proposes a model-driven real-time system design method. First, a metamodel of SEFM is given to express the abstract semantics of the system, while XML and a block-diagram language are used to describe the concrete syntax of SEFM models. Using XML parsing, different concrete syntaxes of the same abstract syntax can be converted into one another, which enables code generation from the block-diagram language. Finally, the design of a real-time car-following system demonstrates the feasibility and correctness of the approach.