Static analysis-based behavior model building for trusted computing dynamic verification
- First Online:
Current trusted computing platform only verifies application’s static Hash value, it could not prevent application from being dynamic attacked. This paper gives one static analysis-based behavior model building method for trusted computing dynamic verification, including control flow graph (CFG) building, finite state automata (FSA) constructing, ɛ run cycle removing, ɛ transition removing, deterministic finite state (DFA) constructing, trivial FSA removing, and global push down automata (PDA) constructing. According to experiment, this model built is a reduced model for dynamic verification and covers all possible paths, because it is based on binary file static analysis.
Key wordstrusted computing dynamic verification behavior model finite-state automata (FSA) push down automata (PDA)
CLC numberTP 391
Unable to display preview. Download preview PDF.
- Shen Changxiang, Zhang Huanguo, Wang Huaimin, et al. Trusted computing research and development [J]. Science China: Information Sciences, 2010, 40(2): 139–166 (Ch).Google Scholar
- Shen Changxiang, Zhang Huanguo, Feng Dengguo, et al. Survey of information security [J]. Science China: Information Sciences, 2007, 37(2): 1–22 (Ch).Google Scholar
- Trusted Computing Group. TCG Specification Architecture Overview Specification Revision 1.4 [EB/OL]. [2010-03-10]. http://www.trustedcomputinggroup.org/files/resource_files/AC652DE1-1D09-3519-ADA026A0C05CFAC2/TCG_1_4_Architecture_Overview.pdf
- Trusted Computing Group. TCG Design, Implementation, and Usage Principles Version 2.0 [EB/OL]. [2009-12-16]. http://www.trustedcomputinggroup.org/files/resource_files/59C26E CB-1D09-3519-AD469EA7AFBD2E91/Best_Practices_Principles_Document_V2_0.pdf
- Wagner D, Dean D. Intrusion detection via static analysis[C]//Proceedings of 2001 IEEE Symposium on Security and Privacy, Oakland: IEEE Computer Society, 2001: 156–168.Google Scholar
- Giffin J T, Jha S, Miller B P. Detecting manipulated remote call streams [C]//Proceedings of the 11th USENIX Security Symposium. San Francisco: USENIX Association, 2002: 61–79.Google Scholar
- Giffin J T, Dagon D, Jha S. Environment- sensitive intrusion detection[C]//Proceedings of 8th International Symposium on Recent Advances in Intrusion Detection (RAID 2005) LNCS3858. Seattle: Springer-Verlag, 2005: 185–206.Google Scholar
- Feng H H, Giffin J, Huang Y, Jha S, et al. Formalizing sensitivity in static analysis for intrusion detection [C]//Proceedings of 2004 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2004: 194–208.Google Scholar
- Gopalakrishna R, Spafford E, Vitek J. Efficient intrusion detection using automaton inlining [C]//Proceedings of 2005 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2005: 18–31.Google Scholar