收录:
摘要:
In order to detect the attacks on non-control-data in a program, this study presents a data flow behavior constraint model for conditional branch decision-making variables in a program. Our model analyzes the relationship among data flow and decision-making variables and verifies them during executing, to ensure the conditional branch decision statements in a program can follow their expected behavior and detecting the attack on branch decision variable easily. We focus on the constraints including the collection of decision-making variables and statements that the decision-making data depending on. Program slicing technology is adopted to obtain variables and statements collections which are dependent on decision-making variables. Then, dynamic incrementing method is used to verify the program's execution dynamically. By comparing whether the actual behavior is consistent with the expected behavior, we can learn whether the program is attacked. Experimental results indicate that our method can be effective in detecting the attacks on conditional branch decision-making variables. © 2011 by Binary Information Press.
关键词:
通讯作者信息:
电子邮件地址: