A Technique for Removing an Important Class of Trojan Horses from High-Order Languages

Author: John McDermott

Abstract: In his 1984 Turing Award Lecture, Ken Thompson described a sophisticated Trojan horse attack on compiler that is undetectable by any search of the source code. The object to modify semantics high-order language in way breaks security trusted system generated compiler. form virus (i.e., it self-reproducing), but has other characteristics differentiate from viruses exploit implementation details computer system. First, self-reproduction symbiotic -- depends text legitimate for its continued existence. only reproduces itself output stream compiler, when compiling (thus destroying original virus). A second difference relative portability different systems. less dependent design particular machine because exploits languages. final location executable file. inserted place hard mid-file. While this possible virus, more difficult do not have compiler's functions at their disposal. lecture, asserted "no amount source-level verification or scrutiny will protect you using untrusted code." However, paper describes technique remove such horses used conjunction with code analysis. remainder explains why class important systems, defense against detail, gives brief sketch some countermeasures, and concludes applications techniques building

References (2)
Fred Cohen, A cryptographic checksum for integrity protection. Computers & Security, vol. 6, pp. 505-510 (1987), 10.1016/0167-4048(87)90031-9
Ken Thompson, Reflections on trusting trust. Communications of the ACM, vol. 27, pp. 761-763 (1984), 10.1145/358198.358210