首页 | 本学科首页   官方微博 | 高级检索  
     

跨主机动态污点跟踪技术研究
引用本文:任飞飞,庄洪林,吴礼发,潘璠.跨主机动态污点跟踪技术研究[J].计算机工程,2013,39(3):162-166.
作者姓名:任飞飞  庄洪林  吴礼发  潘璠
作者单位:1. 中国人民解放军61660部队,北京,100089
2. 解放军理工大学指挥信息系统学院,南京,210007
基金项目:江苏省自然科学基金资助项目(BK2011115)
摘    要:为解决动态污点跟踪系统不能跨主机跟踪污点的问题,在Temu系统的基础上,提出基于应用程序编程接口Hook的污点跟踪方法。通过Hook插件完成对网络I/O函数的拦截,发送端Hook插件将污点数据和污染信息进行封装,接收端Hook插件解析数据包并根据污染信息对污点数据进行标记,由此实现跨主机动态污点跟踪。实验结果表明,基于该方法的原型系统可以实现跨主机污染传播,为动态污点跟踪技术在分布式环境中的应用提供支持。

关 键 词:动态污点跟踪  Temu系统  数据流  动态二进制分析  应用程序编程接口Hook
收稿时间:2011-12-05

Research on Cross-host Dynamic Taint Tracking Technology
REN Fei-fei , ZHUANG Hong-lin , WU Li-fa , PAN Fan.Research on Cross-host Dynamic Taint Tracking Technology[J].Computer Engineering,2013,39(3):162-166.
Authors:REN Fei-fei  ZHUANG Hong-lin  WU Li-fa  PAN Fan
Affiliation:(1. Chinese People’s Army 61660 Armed Forces, Beijing 100089, China; 2. Institute of Command Information System, PLA University of Science and Technology, Nanjing 210007, China)
Abstract:In order to solve the problem that taint tracking system can not realize cross-host dynamic taint tracking, based on Temu system, a taint tracking method based on Application Programming Interface(API) Hook is presented. It fulfills the interception of network I/O related system calls by Hook plug-ins, which embeds Hook services into API function calls to accomplish cross-host taint propagation. Taint data and information are encapsulated by Hook plug-in at sender. Hook plug-in analyzes data packets and marks taint data tainted according to taint information at receiver, so that cross-host dynamic taint tracking is realized. Experimental result indicates that the prototype system can implement cross-host taint propagation, which is helpful to application with dynamic taint tracking in distributed environment.
Keywords:dynamic taint tracking  Temu system  data flow  dynamic binary analysis  Application Programming Interface(API) Hook
本文献已被 万方数据 等数据库收录!
点击此处可从《计算机工程》浏览原始摘要信息
点击此处可从《计算机工程》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号