一种基于逆向迭代搜索的快速隐通道检测方法

doi:10.3969/j.issn.1001-2400.2011.03.020

J4 ›› 2011, Vol. 38 ›› Issue (3): 128-135.doi: 10.3969/j.issn.1001-2400.2011.03.020

一种基于逆向迭代搜索的快速隐通道检测方法

张立勇；王献青；陈平；邓凡；孔德兰

(西安电子科技大学软件工程研究所，陕西西安 710071)

收稿日期:2010-07-19 出版日期:2011-06-20 发布日期:2011-07-14
通讯作者: 张立勇
作者简介:张立勇(1976-)，男，副教授，西安电子科技大学博士研究生，E-mail: zhangliyong@xidian.edu.cn．
基金资助:
国家“十一五”预研资助项目(51315060103)

Fast reverse searching method for covert channels identification

ZHANG Liyong；WANG Xianqing；CHEN Ping；DENG Fan；KONG Delan

(Research Inst. of Software Engineering, Xidian Univ., Xi'an 710071， China)

Received:2010-07-19 Online:2011-06-20 Published:2011-07-14
Contact: ZHANG Liyong

摘要/Abstract

摘要：

提出了一种基于静态分析的隐通道自动检测方法．采用完整语法与语义分析手段完成原始信息流提取，保留了局部变量导致的间接信息流，定义了库函数信息流规则以及信息流推导规则，提高了信息流收集的准确性与完整性| 采用基于信息流图的带约束逆向深度优先搜索算法，实现了潜在隐通道检测，与传统共享资源矩阵法与正向遍历信息流图方法相比，该方法具有更高的检测效率|并通过语法及语义规则实现了伪隐通道的筛选，减少了误报．

关键词: 隐通道, 静态分析, 信息流图, 带约束的逆向深度优先搜索

Abstract:

A method for identifing covert channels automatically based on static analysis is proposed. The method adopts typical syntax and semantic analysis technology to implement initial information flow extraction, retains indirect information flows produced by local variables and establishes information flow rules for library functions and information flow deduction, which enhanceds the accuracy and integrality of information flow collection. Based on the information flow graph, a constrained reverse depth-first traversing (DFT) algorithm is designed to iteratively detect potential covert channels, and the efficiency of covert channel detection is thus improved. Finally, syntax and semantic rules are discussed to eliminate illegal covert channels.

Key words: covert channels, static analysis, information flow graph, constrained reverse DFT

中图分类号:

TP311

张立勇；王献青；陈平；邓凡；孔德兰. 一种基于逆向迭代搜索的快速隐通道检测方法[J]. J4, 2011, 38(3): 128-135.

ZHANG Liyong；WANG Xianqing；CHEN Ping；DENG Fan；KONG Delan. Fast reverse searching method for covert channels identification[J]. J4, 2011, 38(3): 128-135.

参考文献

［1］卿斯汉, 朱继峰. 安胜安全操作系统的隐蔽通道分析［J］. 软件学报, 2004, 15(9): 1385-1392.
Qing Sihan, Zhu Jifeng. Covet Channel Analysis on ANSHENG Secure Operating System［J］. Journal of Software, 2004,15(9): 1385-1392.
［2］ Denning D E. A Lattice Model of Secure Information Flow［J］. Communications of the ACM, 1976, 19(5): 236-243.
［3］ Tsai C R, Gligor V D, Chandersekaran C S. A Formal Method for the Identification of Covert Storage Channels in Source Code［J］. IEEE Trans on Software Engineering, 1990, 16(6): 569-580.
［4］ Kemmerer R A. Shared Resource Matrix Methodology: an Approach to Identifying Storage and Timing Channels［J］. ACM Trans on Computer Systems. 1983, 1(3): 256-277.
［5］ Porras P A, Kemmerer R A. Covert Flow Trees: a Technique for Identifying and Analyzing Covert Storage Channels［C］//Proceedings of the 1991 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 1991: 36-51.
［6］ Lampson B W. A Note on the Confinement Problem［J］. Communications of the ACM, 1973, 16(10): 613-615.
［7］ Kemmerer R A. A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later［C］//Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC'02). Washington: IEEE Computer Society, 2002: 109-118.
［8］ Shaffer A B, Auguston M, Irvine C E, et al. A Security Domain Model to Assess Software for Exploitable Covert Channels［C］//Proceedings of the Third ACM SIGPLAN Workshop on Programming Languages and Analysis for Security. Tucson: ACM, 2008: 45-56.
［9］权义宁, 胡予濮. 改进的操作系统安全访问控制模型［J］. 西安电子科技大学学报, 2006, 33(4): 539-542.
Quan Yining, Hu Yupu. An Improved Secure Access Control Model in Operating System［J］. Journal of Xidian University, 2006, 33(4): 539-542.
［10］ Shen J, Qing S. A Dynamic Information Flow Model of Secure Systems［C］//Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security. Singapore: ACM, 2007: 341-343.
［11］陈玉峰, 李志武. 安全Petri网事件分离状态的BDD算法［J］. 西安电子科技大学学报, 2010, 37(1):119-124.
Chen Yufeng, Li Zhiwu. Computation of Marking/Transition Separation Instances for Safe Petri Nets Using BDD［J］. Journal of Xidian University, 2010, 37(1): 119-124.
［12］ Zhai G, Zhang Y, Liu C, et al. Automatic Identification of Covert Channels inside Linux Kernel Based on Source Codes［C］//ACM International Conference Proceeding Series| Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human. Seoul: ACM, 2009: 440-445.
［13］崔宾阁, 刘大昕. 基于信息流图的隐通道分析技术研究［J］. 哈尔滨工程大学学报, 2006, 27(5): 742-747.
Cui Binge, Liu Daxin. Using an Information Flow Graph to Identify and Analyze Covert Channels［J］. Journal of Harbin Engineering University, 2006, 27(5): 742-747.

[1]	黄昱铭,马建峰,刘志全,冯丙文,魏凯敏. 一种基于规则的自动程序修复方法[J]. 西安电子科技大学学报, 2020, 47(4): 117-123.
[2]	黄昱铭,马建峰,刘志全,魏凯敏,冯丙文. 自动程序修复中的安全隐患场景及解决方案[J]. 西安电子科技大学学报, 2019, 46(6): 147-154.
[3]	苏子剑;梁昌洪;李龙;翟会清. EBG高阻表面的准静态等效媒质模型[J]. J4, 2015, 42(5): 92-97.

一种基于逆向迭代搜索的快速隐通道检测方法

Fast reverse searching method for covert channels identification

PDF (PC)

赞

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 3

Metrics

本文评价

推荐阅读 0