原创力文档- 1、本文档共41页,可阅读全部内容。
- 2、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。
- 3、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
Dynamic Taint Analysis for Automatic Detection, Analysis,
and Signature Generation of Exploits on Commodity Software
Authors: James Newsome, Dawn Song
Presenters:
Sheikh M Qumruzzaman
Khaled M Al-Naami
Welcome and Introduction
Overview
Dynamic Taint Analysis
TaintCheck
TaintSeed
TaintTracker
TaintAssert
Exploit Analyzer
Security Analysis of TaintCheck
Evaluation and Performance
Automatic Signature Generation
Conclusion
Overview
Worms exploit software vulnerabilities.
Buffer Overflow.
Format String.
Dangling Pointers.
SQL Injection.
CodeRed and Slammer exploit vulnerabilities and can compromise hundreds of thousands of hosts within hours or minutes.
Slammer
The geographical spread of Slammer in the 30 minutes after its release.
Source: /xpls/abs_all.jsp?arnumber=1219056tag=1
CodeRed
Code Red’s probe rate during its re-emergence on 1 August, 2001
Source: /xpls/abs_all.jsp?arnumber=1219056tag=1
WHAT DO WE NEED?
An automatic detect and defense system.
Automatic development of attack signatures.
In this paper authors proposed new technique ‘Dynamic Taint Analysis’ and showed how it can be used to detect and analyze software exploits
ATTACK DETECTORS
Coarse grained detectors:
Detect anomalous behavior such as scanning and do not provide detailed information about vulnerability and how it exploited.
Fine grained detectors:
Detect attack on a program vulnerability, and provide detailed information about it.
Several approaches for fine grained detectors. But most of them are not dynamic.
Dynamic Taint Analysis
Tainted Data: Data from un-trusted sources.
Keep track of tainted data.
Monitor program execution to track how tainted attributes propagate
Check when tainted data is used in dangerous ways
TaintCheck – An automatic dynamic taint analysis tool.
TaintCheck
Doesn’t require source code/special compilation.
Reliably detects most overwrite attacks.
No known false positives.
Enables automatic semantic analysis based signature generation.
Design and Impleme
您可能关注的文档
- Domain Name System Computer Science at RPI域名系统在RPI计算机科学.ppt
- Domains of Learning EdPsyc Interactive域的学习edpsyc互动.ppt
- DISP2003 Introduction to Digital Signal Processingdisp2003介绍数字信号处理.ppt
- Doing Business in China Texas Association of 在中国做生意德克萨斯协会.ppt
- DON'T WORRY, BE HAPPY musicbulletinboards别担心要快乐 musicbulletinboards.net.ppt
- DOMESTIC ANIMALS bglog国内动物bglog.net.ppt
- Donation Championship Teams The Physician Champion捐赠冠军队的医生冠军.ppt
- Dollar General Balloon Program Balloons美元通用气球计划气球 .ppt
- Don‘t worry be happy Amazon Web Services不要担心快乐亚马逊网络服务.ppt
- Don’t Let a Fall Get You Down CAOT不要让秋天让你不.ppt
- 市科技局副局长在理论学习中心组学习2025年全国两会精神研讨发言材料.docx
- 在深入贯彻中央八项规定精神学习教育读书班开班式上的讲话1.docx
- 关于开展深入贯彻中央八项规定精神学习教育的工作方案.docx
- 市国资委党委书记学习2025年全国两会精神专题研讨发言材料.docx
- 在2025年作风建设专题“读书班”上的研讨发言材料(八项规定).docx
- 在县政府全体会议暨廉政工作会议上的讲话4.docx
- 关于我市农村电商发展情况的调研报告.docx
- 在某某区安全生产重点工作安排部署会上的讲话.docx
- 市发改局党组书记在理论学习中心组会上学习2025年全国两会精神的研讨发言材料1.docx
- 商务局委员会(商务局)基层党组织“分类指导、争先进位”工作方案.docx
文档评论(0)