Current trusted computing platform only verifies application’s static Hash value, it could not prevent application from being dynamic attacked. This paper gives one static analysis-based behavior model building method for trusted computing dynamic verification, including control flow graph (CFG) building, finite state automata (FSA) constructing, ɛ run cycle removing, ɛ transition removing, deterministic finite state (DFA) constructing, trivial FSA removing, and global push down automata (PDA) constructing. According to experiment, this model built is a reduced model for dynamic verification and covers all possible paths, because it is based on binary file static analysis.
This is a preview of subscription content, access via your institution.
Shen Changxiang, Zhang Huanguo, Wang Huaimin, et al. Trusted computing research and development [J]. Science China: Information Sciences, 2010, 40(2): 139–166 (Ch).
Shen Changxiang, Zhang Huanguo, Feng Dengguo, et al. Survey of information security [J]. Science China: Information Sciences, 2007, 37(2): 1–22 (Ch).
Zhang Huanguo, Luo Jie, Jin Gang, et al. Development of trusted computing research [J]. Wuhan University Journal of Natural Sciences, 2006, 11(6): 1407–1413.
Trusted Computing Group. TCG Specification Architecture Overview Specification Revision 1.4 [EB/OL]. [2010-03-10]. http://www.trustedcomputinggroup.org/files/resource_files/AC652DE1-1D09-3519-ADA026A0C05CFAC2/TCG_1_4_Architecture_Overview.pdf
Trusted Computing Group. TCG Design, Implementation, and Usage Principles Version 2.0 [EB/OL]. [2009-12-16]. http://www.trustedcomputinggroup.org/files/resource_files/59C26E CB-1D09-3519-AD469EA7AFBD2E91/Best_Practices_Principles_Document_V2_0.pdf
Wagner D, Dean D. Intrusion detection via static analysis[C]//Proceedings of 2001 IEEE Symposium on Security and Privacy, Oakland: IEEE Computer Society, 2001: 156–168.
Giffin J T, Jha S, Miller B P. Detecting manipulated remote call streams [C]//Proceedings of the 11th USENIX Security Symposium. San Francisco: USENIX Association, 2002: 61–79.
Giffin J T, Dagon D, Jha S. Environment- sensitive intrusion detection[C]//Proceedings of 8th International Symposium on Recent Advances in Intrusion Detection (RAID 2005) LNCS3858. Seattle: Springer-Verlag, 2005: 185–206.
Feng H H, Giffin J, Huang Y, Jha S, et al. Formalizing sensitivity in static analysis for intrusion detection [C]//Proceedings of 2004 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2004: 194–208.
Gopalakrishna R, Spafford E, Vitek J. Efficient intrusion detection using automaton inlining [C]//Proceedings of 2005 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Society, 2005: 18–31.
Li Wen, Dai Yingxia, Lian Yifeng, et al. Context sensitive host-based IDS using hybrid automaton [J]. Journal of Software, 2009, 20(1): 138–151 (Ch).
Foundation item: Supported by the National High Technology Research and Development Program of China (863 Program) (2006AA01Z442, 2007AA01Z411) the National Natural Science Foundation of China (60673071, 60970115), and Open Foundation of State Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education in China (AISTC2008Q03)
Biography: YU Fajiang, male, Ph.D., research direction: information security, trusted computing.
About this article
Cite this article
Yu, F., Yu, Y. Static analysis-based behavior model building for trusted computing dynamic verification. Wuhan Univ. J. Nat. Sci. 15, 195–200 (2010). https://doi.org/10.1007/s11859-010-0303-9
- trusted computing
- dynamic verification
- behavior model
- finite-state automata (FSA)
- push down automata (PDA)
- TP 391