Dynamic Taint Analysis for vulnerability Exploits Detection
Untrusted Data originating from network input and configuration files,causes many software security problems. Keeping track of the propagation of untrusted data in program runtime is the main idea of dynamic taint analysis for vulnerability exploits detection. In this method data from network user input and configuration files were labeled as taint. In virtue of data flow analysis we design taint propagating algorithm,and define several taint detection policies for security-critical function which used taint data in dangerous ways that could cause vulnerability exploit. A vulnerability exploit detection prototype system was implemented. In contrast to other taint analysis systems,our prototype system has higher accuracy and vulnerability exploits coverage and low workloads.
Dynamic taint analysis:Vulnerability exploits detection:Data flow analysis:Tainted scenes analysis
Heping Tang Shuguang Huang Yongliang Li Lei Bao
Department of Network engineering Electronic Engineering Institute HeFei Anhui China
国际会议
成都
英文
948-951
2010-04-16(万方平台首次上网日期,不代表论文的发表时间)