Lu Yan; Wang Dan; Zhao Wen Bing

International Journal of Wireless and Microwave Technologies (IJWMT)

IJWMT Vol. 2, No. 3, 15 Jun. 2012

Cover page and Table of Contents: PDF (size: 136KB)

A Data Flow Behavior Constraints Model for Branch Decision-making Variables

Full Text (PDF, 136KB), PP.34-40

Views: 0 Downloads: 0

Author(s)

Lu Yan ¹ Wang Dan ¹ Zhao Wen Bing ¹

1. Beijing University of Technology, Beijing, china

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2012.03.06

Received: 1 Mar. 2012 / Revised: 4 Apr. 2012 / Accepted: 8 May 2012 / Published: 15 Jun. 2012

Index Terms

Program behavior, branch decision-making variable, control flow, dependence relation

Abstract

In order to detect the attacks to decision-making variable, this paper presents a data flow behavior constraint model for branch decision-making variables. Our model is expanded from the common control flow model, it emphasizes on the analysis and verification about the data flow for decision-making variables, so that to ensure the branch statement can execute correctly and can also detect the attack to branch decision-making variable easily. The constraints of our model include the collection of variables, the statements that the decision-making variables are dependent on and the data flow constraint with the use-def relation of these variables. Our experimental results indicate that it is effective in detecting the attacks to branch decision-making variables as well as the attacks to control-data.

Cite This Paper

Lu Yan,Wang Dan,Zhao Wen Bing,"A Data Flow Behavior Constraints Model for Branch Decision-making Variables", IJWMT, vol.2, no.3, pp.34-40, 2012. DOI: 10.5815//ijwmt.2012.03.06

Reference

[1]Trusted Computing Group, http://www.trustcomputing,org

[2]M.Abadi, M.Budiu, Ú.Erlingsson, J.Ligatti, “Control-flow integrity principles, implementations, and applications” ACM Transactions on Information and System Security, 2009, 13(1), pp.1-40.

[3]H.Feng, O.Kolesnikov, P.Fogla, W.Lee, W.Gong, “Anomaly DetectionUsing Call Stack Information” In IEEE Symposium on Security and Privacy, Oakland, California, 2003, pp.62-76.

[4]S.Chen, J.Xu, E.C.Sezer, P.Gauriar, R.K.Iyer, “Non-control-data attacks are realistic threats” in Proceedings of 14th USENIX Security Symposium, Berkeley, CA, USA, 2005, pp.12-16

[5]T.Qin, L.Zhang, Z.Zhou, D.Hao, J.Sun, “Discovering use cases from source code using the branch-reserving call graph” In Proceedings of the 10th Asia-Pacific Software Engineering Conference. IEEE Computer Society,Washington, D.C, 2003, pp.60–67.

[6]H.Lhadj, A.Braun, D.Amyot, T.Lethbridge, “Recovering Behavioral Design Models from Execution Traces” Software Maintenance and Reengineering, 2005, pp.112-121.

[7]A.Aho, R.Sethi, J.Ullman. Compilers,Principles, Techniques, and Tools, Addison-Wesley Publishing Company, Massachusetts, 1986.

[8]S.Horwitz, T.Reps, D.Binkley, “Interprocedural slicing using dependence graphs” ACM SIGPLAN Notices, 2004, 39(4), pp.229-243