Abstract
This paper describes technical implementation of a verified program code execution system. The functional purpose of the system is to investigate arbitrary executable files of an operating system in the absence of source codes in order to control program code execution within specified functional requirements. The prerequisites for development of such a system are outlined and a user’s operating procedure with two typical usage scenarios is described. General description of the architecture of the system and software used for its implementation, including the mechanism of interaction among system elements, is presented. A model example of implementing the system is considered. A flexible set of functional constraints based on a temporal attribute of process action is described. In conclusions, a brief comparison with the closest analogs is conducted.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Decree of the President of the Russian Federation no. 646 of December 5, 2016 “On Approval of the Doctrine of Information Security of the Russian Federation.”
Garbuk, S.V., Komarov, A.A., and Salov, E.I., Survey of APCS information security incidents in foreign states: Analytical report, Zashchita informatsii insaid, 2010, no. 6, pp. 50–58.
Yaremchuk, S., APT: Reality or paranoia?, Sistemnyi administrator, 2012, nos. 7–8, pp. 52–56.
Dovgolenko, A.A., Social engineering in the Internet: Information security and questions of prevention of cyber-extremism among youth, Materialy vnutrivuzovskoi konferentsii Magnitogorskogo gosudarstvennogo tekhnicheskogo universiteta im. G.I. Nosova (Proc. Intrauniversity Conf. Nosov Magnitogorsk State Technical University), Chusavitina, G.N., Chernova, E.V., and Kolobova, O.L., Eds., Magnitogorsk, 2015, pp. 183–191
Kozachok, A.V., Malware recognition based on hidden Markov models, Cand. Sci. (Tech.) Dissertation, Voronezh: Voronezh State Technical University, 2012.
Kozachok, A.V. and Kochetkov, E.V., Substantiation of the possibility to use program verification for malware code detection, Vopr. kiberbezopasnosti, 2016, no. 3, pp. 25–32.
Cimitile, A., et al., Model checking for mobile Android malware evolution, Proc. 5th IEEE ACM Int. FME Workshop on Formal methods in Software Engineering (FormaliSE), 2017, pp. 24–30
Kozachok, A.V. and Kochetkov, E.V., Formal model of functioning of a process in an operating system, Tr. Inst. Sistemnogo Program. Ross. Akad. Nauk (Proc. Institute for System Programming, Russian Academy of Sciences), 2017, no. 2, pp. 78–96.
Kozachok, A., Bochkov, M., Lai Minh, T., and Kochetkov, E., First-order logic for program code functional requirements description, Vopr. kiberbezopasnosti, 2017, no. 3, pp. 2–7.
Hertz, J., Project Triforce: Run AFL on Everything! https://doi.org/www.nccgroup.trust/us/about-us/newsroomand-events/blog/2016/june/projecttriforce-run-aflon-everything.
Ivannikov Institute for System Programming, Russian Academy of Sciences, Repository of Qemu source code. https://doi.org/github.com/ispras/qemu.
QMP-QEMU documentation, QEMU machine protocol. https://doi.org/wiki.qemu.org/Documentation/QMP.
Author information
Authors and Affiliations
Corresponding author
Additional information
Original Russian Text © A.V. Kozachok, E.V. Kochetkov, 2018, published in Trudy Instituta Sistemnogo Programmirovaniya, 2017, Vol. 1, No. 2.
Rights and permissions
About this article
Cite this article
Kozachok, A.V., Kochetkov, E.V. Prototype of a Verified Program Code Execution System. Program Comput Soft 44, 190–199 (2018). https://doi.org/10.1134/S0361768818030039
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1134/S0361768818030039