期刊文献+
共找到2篇文章
< 1 >
每页显示 20 50 100
SwordDTA: A Dynamic Taint Analysis Tool for Software Vulnerability Detection 被引量:4
1
作者 CAI Jun ZOU Peng +1 位作者 MA Jinxin HE Jun 《Wuhan University Journal of Natural Sciences》 CAS CSCD 2016年第1期10-20,共11页
Software vulnerabilities are the root cause of various information security incidents while dynamic taint analysis is an emerging program analysis technique. In this paper, to maximize the use of the technique to dete... Software vulnerabilities are the root cause of various information security incidents while dynamic taint analysis is an emerging program analysis technique. In this paper, to maximize the use of the technique to detect software vulnerabilities, we present SwordDTA, a tool that can perform dynamic taint analysis for binaries. This tool is flexible and extensible that it can work with commodity software and hardware. It can be used to detect software vulnerabilities with vulnerability modeling and taint check. We evaluate it with a number of commonly used real-world applications. The experimental results show that SwordDTA is capable of detecting at least four kinds of softavare vulnerabilities including buffer overflow, integer overflow, division by zero and use-after-free, and is applicable for a wide range of software. 展开更多
关键词 information security software vulnerability detection dynamic taint analysis use-after-free
原文传递
Automatic protocol reverse engineering for industrial control systems with dynamic taint analysis 被引量:4
2
作者 Rongkuan MA Hao ZHENG +3 位作者 Jingyi WANG Mufeng WANG Qiang WEI Qingxian WANG 《Frontiers of Information Technology & Electronic Engineering》 SCIE EI CSCD 2022年第3期351-360,共10页
Proprietary(or semi-proprietary)protocols are widely adopted in industrial control systems(ICSs).Inferring protocol format by reverse engineering is important for many network security applications,e.g.,program tests ... Proprietary(or semi-proprietary)protocols are widely adopted in industrial control systems(ICSs).Inferring protocol format by reverse engineering is important for many network security applications,e.g.,program tests and intrusion detection.Conventional protocol reverse engineering methods have been proposed which are considered time-consuming,tedious,and error-prone.Recently,automatical protocol reverse engineering methods have been proposed which are,however,neither effective in handling binary-based ICS protocols based on network traffic analysis nor accurate in extracting protocol fields from protocol implementations.In this paper,we present a framework called the industrial control system protocol reverse engineering framework(ICSPRF)that aims to extract ICS protocol fields with high accuracy.ICSPRF is based on the key insight that an individual field in a message is typically handled in the same execution context,e.g.,basic block(BBL)group.As a result,by monitoring program execution,we can collect the tainted data information processed in every BBL group in the execution trace and cluster it to derive the protocol format.We evaluate our approach with six open-source ICS protocol implementations.The results show that ICSPRF can identify individual protocol fields with high accuracy(on average a 94.3%match ratio).ICSPRF also has a low coarse-grained and overly fine-grained match ratio.For the same metric,ICSPRF is more accurate than AutoFormat(88.5%for all evaluated protocols and 80.0%for binary-based protocols). 展开更多
关键词 Industrial control system(ICS) ICS protocol reverse engineering dynamic taint analysis Protocol format
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部