Skip to main content

Static analysis-based behavior model building for trusted computing dynamic verification


Current trusted computing platform only verifies application’s static Hash value, it could not prevent application from being dynamic attacked. This paper gives one static analysis-based behavior model building method for trusted computing dynamic verification, including control flow graph (CFG) building, finite state automata (FSA) constructing, ɛ run cycle removing, ɛ transition removing, deterministic finite state (DFA) constructing, trivial FSA removing, and global push down automata (PDA) constructing. According to experiment, this model built is a reduced model for dynamic verification and covers all possible paths, because it is based on binary file static analysis.

This is a preview of subscription content, access via your institution.


  1. [1]

    Shen Changxiang, Zhang Huanguo, Wang Huaimin, et al. Trusted computing research and development [J]. Science China: Information Sciences, 2010, 40(2): 139–166 (Ch).

    Google Scholar 

  2. [2]

    Shen Changxiang, Zhang Huanguo, Feng Dengguo, et al. Survey of information security [J]. Science China: Information Sciences, 2007, 37(2): 1–22 (Ch).

    Google Scholar 

  3. [3]

    Zhang Huanguo, Luo Jie, Jin Gang, et al. Development of trusted computing research [J]. Wuhan University Journal of Natural Sciences, 2006, 11(6): 1407–1413.

    Article  Google Scholar 

  4. [4]

    Trusted Computing Group. TCG Specification Architecture Overview Specification Revision 1.4 [EB/OL]. [2010-03-10].

  5. [5]

    Trusted Computing Group. TCG Design, Implementation, and Usage Principles Version 2.0 [EB/OL]. [2009-12-16]. CB-1D09-3519-AD469EA7AFBD2E91/Best_Practices_Principles_Document_V2_0.pdf

  6. [6]

    Wagner D, Dean D. Intrusion detection via static analysis[C]//Proceedings of 2001 IEEE Symposium on Security and Privacy, Oakland: IEEE Computer Society, 2001: 156–168.

    Google Scholar 

  7. [7]

    Giffin J T, Jha S, Miller B P. Detecting manipulated remote call streams [C]//Proceedings of the 11th USENIX Security Symposium. San Francisco: USENIX Association, 2002: 61–79.

    Google Scholar 

  8. [8]

    Giffin J T, Dagon D, Jha S. Environment- sensitive intrusion detection[C]//Proceedings of 8th International Symposium on Recent Advances in Intrusion Detection (RAID 2005) LNCS3858. Seattle: Springer-Verlag, 2005: 185–206.

    Google Scholar 

  9. [9]

    Feng H H, Giffin J, Huang Y, Jha S, et al. Formalizing sensitivity in static analysis for intrusion detection [C]//Proceedings of 2004 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2004: 194–208.

    Google Scholar 

  10. [10]

    Gopalakrishna R, Spafford E, Vitek J. Efficient intrusion detection using automaton inlining [C]//Proceedings of 2005 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2005: 18–31.

    Google Scholar 

  11. [11]

    Li Wen, Dai Yingxia, Lian Yifeng, et al. Context sensitive host-based IDS using hybrid automaton [J]. Journal of Software, 2009, 20(1): 138–151 (Ch).

    Article  Google Scholar 

Download references

Author information



Corresponding author

Correspondence to Fajiang Yu.

Additional information

Foundation item: Supported by the National High Technology Research and Development Program of China (863 Program) (2006AA01Z442, 2007AA01Z411) the National Natural Science Foundation of China (60673071, 60970115), and Open Foundation of State Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education in China (AISTC2008Q03)

Biography: YU Fajiang, male, Ph.D., research direction: information security, trusted computing.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Yu, F., Yu, Y. Static analysis-based behavior model building for trusted computing dynamic verification. Wuhan Univ. J. Nat. Sci. 15, 195–200 (2010).

Download citation

Key words

  • trusted computing
  • dynamic verification
  • behavior model
  • finite-state automata (FSA)
  • push down automata (PDA)

CLC number

  • TP 391