Static analysis-based behavior model building for trusted computing dynamic verification
Current trusted computing platform only verifies application’s static Hash value, it could not prevent application from being dynamic attacked. This paper gives one static analysis-based behavior model building method for trusted computing dynamic verification, including control flow graph (CFG) building, finite state automata (FSA) constructing, ɛ run cycle removing, ɛ transition removing, deterministic finite state (DFA) constructing, trivial FSA removing, and global push down automata (PDA) constructing. According to experiment, this model built is a reduced model for dynamic verification and covers all possible paths, because it is based on binary file static analysis.
Key wordstrusted computing dynamic verification behavior model finite-state automata (FSA) push down automata (PDA)
CLC numberTP 391
Unable to display preview. Download preview PDF.
- Shen Changxiang, Zhang Huanguo, Wang Huaimin, et al. Trusted computing research and development [J]. Science China: Information Sciences, 2010, 40(2): 139–166 (Ch).Google Scholar
- Shen Changxiang, Zhang Huanguo, Feng Dengguo, et al. Survey of information security [J]. Science China: Information Sciences, 2007, 37(2): 1–22 (Ch).Google Scholar
- Trusted Computing Group. TCG Specification Architecture Overview Specification Revision 1.4 [EB/OL]. [2010-03-10]. http://www.trustedcomputinggroup.org/files/resource_files/AC652DE1-1D09-3519-ADA026A0C05CFAC2/TCG_1_4_Architecture_Overview.pdf
- Trusted Computing Group. TCG Design, Implementation, and Usage Principles Version 2.0 [EB/OL]. [2009-12-16]. http://www.trustedcomputinggroup.org/files/resource_files/59C26E CB-1D09-3519-AD469EA7AFBD2E91/Best_Practices_Principles_Document_V2_0.pdf
- Wagner D, Dean D. Intrusion detection via static analysis[C]//Proceedings of 2001 IEEE Symposium on Security and Privacy, Oakland: IEEE Computer Society, 2001: 156–168.Google Scholar
- Giffin J T, Jha S, Miller B P. Detecting manipulated remote call streams [C]//Proceedings of the 11th USENIX Security Symposium. San Francisco: USENIX Association, 2002: 61–79.Google Scholar
- Giffin J T, Dagon D, Jha S. Environment- sensitive intrusion detection[C]//Proceedings of 8th International Symposium on Recent Advances in Intrusion Detection (RAID 2005) LNCS3858. Seattle: Springer-Verlag, 2005: 185–206.Google Scholar
- Feng H H, Giffin J, Huang Y, Jha S, et al. Formalizing sensitivity in static analysis for intrusion detection [C]//Proceedings of 2004 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2004: 194–208.Google Scholar
- Gopalakrishna R, Spafford E, Vitek J. Efficient intrusion detection using automaton inlining [C]//Proceedings of 2005 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2005: 18–31.Google Scholar