基于动态污点跟踪的敏感文件泄露检测方法  被引量:5

Leakage test method for sensitive files based on dynamic taint tracking

在线阅读下载全文

作  者:李伟明[1] 贺玄 王永剑[2] Li Weiming He Xuan Wang Yongjian(School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China Key Lab Information Network Security of Ministry of Public Security, The Third Research Institute of Ministry of Public Security, Shanghai 201204, China)

机构地区:[1]华中科技大学计算机科学与技术学院,湖北武汉430074 [2]公安部第三研究所信息网络安全公安部重点实验室,上海201204

出  处:《华中科技大学学报(自然科学版)》2016年第11期39-42,81,共5页Journal of Huazhong University of Science and Technology(Natural Science Edition)

基  金:国家自然科学基金面上资助项目(61370230);信息网络安全公安部重点实验室(公安部第三研究所)开放基金课题资助项目(C14603)

摘  要:为了解决网络应用程序引起的服务器敏感信息泄露问题,提出了基于动态污点跟踪的敏感文件泄露检测方法.该方法先标记敏感文件的读写缓冲区为污点源,然后实时跟踪文件缓冲区的处理流程,监测污染源是否传播到其他内存位置,或者写入其他文件.最后检测发送缓冲区是否包含污点数据,以确定是否发生敏感文件的泄露.实验结果表明:提出的方法不仅能够监控用户指定的敏感文件,还能防止应用程序将敏感信息写入其他文件或者发送到网络上.To solve the sensitive information leaking of network applications in servers,a method based on dynamic taint tracking was proposed.The reading or writing buffer of sensitive file was marked as the tainted source,and the processing of buffers in real-time was tracked to identify whether tainted source were propagated to another memory location or written to another file.Finally,whether the socket send buffer or write buffer contains the tainted-bytes was checked.The experiment shows that the proposed method can not only monitor sensitive files specified by the user,but also prevent applications from leaking sensitive information by writing them into other file or send them out through network.

关 键 词:动态污点跟踪 敏感信息泄露 文件泄露 敏感文件 目录遍历漏洞 

分 类 号:TP309.2[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象