一种基于逆向迭代搜索的快速隐通道检测方法

doi:10.3969/j.issn.1001-2400.2011.03.020

Abstract

Abstract:

A method for identifing covert channels automatically based on static analysis is proposed. The method adopts typical syntax and semantic analysis technology to implement initial information flow extraction, retains indirect information flows produced by local variables and establishes information flow rules for library functions and information flow deduction, which enhanceds the accuracy and integrality of information flow collection. Based on the information flow graph, a constrained reverse depth-first traversing (DFT) algorithm is designed to iteratively detect potential covert channels, and the efficiency of covert channel detection is thus improved. Finally, syntax and semantic rules are discussed to eliminate illegal covert channels.

Key words: covert channels, static analysis, information flow graph, constrained reverse DFT

CLC Number:

TP311

ZHANG Liyong；WANG Xianqing；CHEN Ping；DENG Fan；KONG Delan. Fast reverse searching method for covert channels identification[J].J4, 2011, 38(3): 128-135.

References

［1］卿斯汉, 朱继峰. 安胜安全操作系统的隐蔽通道分析［J］. 软件学报, 2004, 15(9): 1385-1392.
Qing Sihan, Zhu Jifeng. Covet Channel Analysis on ANSHENG Secure Operating System［J］. Journal of Software, 2004,15(9): 1385-1392.
［2］ Denning D E. A Lattice Model of Secure Information Flow［J］. Communications of the ACM, 1976, 19(5): 236-243.
［3］ Tsai C R, Gligor V D, Chandersekaran C S. A Formal Method for the Identification of Covert Storage Channels in Source Code［J］. IEEE Trans on Software Engineering, 1990, 16(6): 569-580.
［4］ Kemmerer R A. Shared Resource Matrix Methodology: an Approach to Identifying Storage and Timing Channels［J］. ACM Trans on Computer Systems. 1983, 1(3): 256-277.
［5］ Porras P A, Kemmerer R A. Covert Flow Trees: a Technique for Identifying and Analyzing Covert Storage Channels［C］//Proceedings of the 1991 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 1991: 36-51.
［6］ Lampson B W. A Note on the Confinement Problem［J］. Communications of the ACM, 1973, 16(10): 613-615.
［7］ Kemmerer R A. A Practical Approach to Identifying Storage and Timing Channels: Twenty Years Later［C］//Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC'02). Washington: IEEE Computer Society, 2002: 109-118.
［8］ Shaffer A B, Auguston M, Irvine C E, et al. A Security Domain Model to Assess Software for Exploitable Covert Channels［C］//Proceedings of the Third ACM SIGPLAN Workshop on Programming Languages and Analysis for Security. Tucson: ACM, 2008: 45-56.
［9］权义宁, 胡予濮. 改进的操作系统安全访问控制模型［J］. 西安电子科技大学学报, 2006, 33(4): 539-542.
Quan Yining, Hu Yupu. An Improved Secure Access Control Model in Operating System［J］. Journal of Xidian University, 2006, 33(4): 539-542.
［10］ Shen J, Qing S. A Dynamic Information Flow Model of Secure Systems［C］//Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security. Singapore: ACM, 2007: 341-343.
［11］陈玉峰, 李志武. 安全Petri网事件分离状态的BDD算法［J］. 西安电子科技大学学报, 2010, 37(1):119-124.
Chen Yufeng, Li Zhiwu. Computation of Marking/Transition Separation Instances for Safe Petri Nets Using BDD［J］. Journal of Xidian University, 2010, 37(1): 119-124.
［12］ Zhai G, Zhang Y, Liu C, et al. Automatic Identification of Covert Channels inside Linux Kernel Based on Source Codes［C］//ACM International Conference Proceeding Series| Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human. Seoul: ACM, 2009: 440-445.
［13］崔宾阁, 刘大昕. 基于信息流图的隐通道分析技术研究［J］. 哈尔滨工程大学学报, 2006, 27(5): 742-747.
Cui Binge, Liu Daxin. Using an Information Flow Graph to Identify and Analyze Covert Channels［J］. Journal of Harbin Engineering University, 2006, 27(5): 742-747.

[1]	HUANG Yuming,MA Jianfeng,LIU Zhiquan,FENG Bingwen,WEI Kaimin. Rule-based automatic program repair method [J]. Journal of Xidian University, 2020, 47(4): 117-123.
[2]	HUANG Yuming,MA Jianfeng,LIU Zhiquan,WEI Kaimin,FENG Bingwen. Security risk scenarios and solutions in automatic program repair [J]. Journal of Xidian University, 2019, 46(6): 147-154.
[3]	SU Zijian;LIANG Changhong;LI Long;ZHAI Huiqing. Improved quasi-static effective medium model of the electromagnetic band gap (EBG) high-impedance surface [J]. J4, 2015, 42(5): 92-97.
[4]	FAN Yesen;LI Tuanjie;MA Xiaofei;LI Zhengjun. Form-finding method of equal tension cable networks for space mesh antennas [J]. J4, 2015, 42(1): 49-55.

Fast reverse searching method for covert channels identification

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 4

Metrics

Comments

Recommended 0