Journal of Hebei University (Natural Science Edition) ›› 2019, Vol. 39 ›› Issue (4): 437-443. DOI: 10.3969/j.issn.1000-1565.2019.04.016


A fine-grained taint analysis method based on reverse computing

屈雪晴,张圣昌   

  • Received: 2018-09-13  Online: 2019-07-25  Published: 2019-07-25
  • Author biography: QU Xueqing (born 1994), female, from Langfang, Hebei; master's student at Hebei University, mainly engaged in research on distributed computing and network technology. E-mail: 724165288@qq.com
  • Funding:
    Hebei University Graduate Innovation Project (hbu2018ss58)

Finer-grained taint analysis method based on reverse computing

QU Xueqing, ZHANG Shengchang   

  1. School of Cyber Security and Computer, Hebei University, Baoding 071002, China
  • Received: 2018-09-13  Online: 2019-07-25  Published: 2019-07-25

Abstract (Chinese version): Precision is the core consideration in taint analysis. In current taint analysis methods, including studies of bit-level taint analysis, fine-grained logical semantics lead to a loss of precision, and that loss of precision directly produces the "over-tainting" phenomenon. This paper discusses the limitations of existing taint analysis algorithms, explains why "over-tainting" arises during taint propagation, and proposes a fine-grained taint analysis method based on reverse computing: by specifying reverse computing rules and taking the semantic logic of each statement into account, it derives the taint propagation strategy. Experimental results of taint analysis on unobfuscated and obfuscated code show that, compared with traditional taint analysis algorithms, the reverse-computing-based algorithm reduces code redundancy by 50% on obfuscated code and effectively avoids over-propagation of taint.

Keywords (Chinese version): dynamic taint analysis, deobfuscated code, reverse computing, over-tainting

Abstract: Precision is a core consideration in dynamic taint analysis. Current dynamic taint analysis algorithms, including previous studies on bit-level dynamic taint analysis, have defects to varying degrees that can lead to a serious lack of precision, and the lack of precision directly leads to the over-tainting problem. This paper discusses the limitations of the traditional dynamic taint analysis algorithm, explains the causes of over-tainting during taint propagation, and proposes a reverse-computing finer-grained dynamic taint analysis algorithm to generate the taint propagation strategy. Experiments using the deobfuscation tool show that the dynamic taint analysis algorithm proposed in this paper can reduce code redundancy by 50% and significantly avoid the problem of over-tainting.
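As an added illustration of the over-tainting phenomenon that both abstracts describe, the following constructed Python example (not the paper's reverse-computing algorithm, its rule set, or its experimental tool) runs two propagation policies over a tiny straight-line IR with 8-bit registers. The coarse policy taints a whole destination whenever any source operand is tainted; the bit-level policy derives a per-bit taint mask from the semantics of each operator (a constant AND mask clears bits, a constant OR sets bits, `x ^ x` is an opaque zero, shifts move bits, addition carries upward). The IR, the `Instr` class, the operator rules and the sample program are all assumptions made for this example.

```python
"""Coarse (variable-level) vs. bit-level taint propagation on a tiny IR.

Constructed illustration only: the IR, the rule set and the sample program
are inventions for this example and are not the paper's method.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

WIDTH = 8                    # assume 8-bit registers
FULL = (1 << WIDTH) - 1      # mask with every bit tainted


@dataclass(frozen=True)
class Instr:
    op: str                  # mov | and | or | xor | shl | shr | add
    dst: str
    src1: str                # variable name or integer literal
    src2: Optional[str] = None


def _const(tok: str) -> Optional[int]:
    """Integer value of a literal operand, or None if the operand is a variable."""
    try:
        return int(tok, 0)
    except ValueError:
        return None


def coarse_propagate(prog: List[Instr], sources: Set[str]) -> Set[str]:
    """Variable-level policy: dst is tainted if any variable operand is tainted."""
    tainted = set(sources)
    for ins in prog:
        srcs = [s for s in (ins.src1, ins.src2) if s is not None and _const(s) is None]
        if any(s in tainted for s in srcs):
            tainted.add(ins.dst)
        else:
            tainted.discard(ins.dst)
    return tainted


def bit_propagate(prog: List[Instr], source_masks: Dict[str, int]) -> Dict[str, int]:
    """Bit-level policy: per-bit taint masks derived from operator semantics."""
    taint = dict(source_masks)

    def mask(tok: Optional[str]) -> int:
        if tok is None or _const(tok) is not None:
            return 0                      # constants carry no taint
        return taint.get(tok, 0)

    for ins in prog:
        a, b = ins.src1, ins.src2
        ca, cb = _const(a), (_const(b) if b is not None else None)
        ma, mb = mask(a), mask(b)
        if ins.op == "mov":
            res = ma
        elif ins.op == "and":
            # A constant 0 bit forces that output bit to 0 regardless of taint.
            res = ma & cb if cb is not None else (mb & ca if ca is not None else ma | mb)
        elif ins.op == "or":
            # A constant 1 bit forces that output bit to 1 regardless of taint.
            res = ma & ~cb & FULL if cb is not None else (mb & ~ca & FULL if ca is not None else ma | mb)
        elif ins.op == "xor":
            # x ^ x is identically 0: an opaque constant, so no taint survives.
            res = 0 if a == b else ma | mb
        elif ins.op in ("shl", "shr"):
            if cb is None:
                raise ValueError("constant shift amounts only in this example")
            res = (ma << cb) & FULL if ins.op == "shl" else ma >> cb
        elif ins.op == "add":
            # Carries only move upward: every bit at or above the lowest tainted
            # input bit may depend on the taint source.
            union = ma | mb
            res = 0 if union == 0 else FULL & ~((union & -union) - 1)
        else:
            raise ValueError(f"unsupported op {ins.op}")
        taint[ins.dst] = res
    return taint


def over_tainted(prog: List[Instr], sources: Set[str]) -> List[str]:
    """Destinations the coarse policy taints but whose bit-level mask is empty."""
    coarse = coarse_propagate(prog, sources)
    fine = bit_propagate(prog, {s: FULL for s in sources})
    return [ins.dst for ins in prog if ins.dst in coarse and fine[ins.dst] == 0]


# Constructed sample program in an obfuscation-like style; x is the taint source.
PROGRAM = [
    Instr("and", "t1", "x", "0x0F"),   # low nibble of x
    Instr("shl", "t2", "t1", "4"),     # moved to the high nibble
    Instr("xor", "t3", "x", "x"),      # opaque constant 0
    Instr("or",  "t4", "t2", "0xF0"),  # high nibble forced to 1s
    Instr("add", "t5", "t4", "t3"),    # sum of two untainted values
    Instr("shr", "t6", "t1", "2"),     # bits 0..1 of the low nibble
    Instr("or",  "t7", "t6", "0x01"),  # bit 0 forced to 1
]

if __name__ == "__main__":
    print("coarse :", sorted(coarse_propagate(PROGRAM, {"x"})))
    print("bitwise:", {k: f"{v:#04x}" for k, v in bit_propagate(PROGRAM, {"x": FULL}).items()})
    print("over-tainted by coarse policy:", over_tainted(PROGRAM, {"x"}))
```

Running the block shows the coarse policy tainting all seven temporaries, while the bit-level policy leaves `t3`, `t4` and `t5` untainted and narrows `t7` to a single bit; the three spurious taints are exactly the "over-tainting" the abstract refers to, and the bit-level masks are the kind of fine-grained result that statement semantics make possible.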

Key words: dynamic taint analysis, deobfuscation code, reverse computing, over-tainting
