A Detection Approach for Vulnerability Exploiter Based on the Features of the Exploiter
作者: Jinfu Chen , Chi Zhang , Jinchang Hu , Sher Ali , Bo Liu
DOI: 10.1155/2021/5581274
关键词:
摘要: With the wide application of software system, vulnerability has become a major risk in computer security. The on-time detection and proper repair for possible vulnerabilities are great importance maintaining system security decreasing crashes. Control Flow Integrity (CFI) can be used to detect exploit by some researchers. In this paper, we propose an improved Graph with Jump (JCFG) based on CFI develop novel Vulnerability Exploit Detection Method JCFG (JCFG-VEDM). method program is realized analysis results program. Then addressed through combining features jump instruction. Finally, implement JCFG-VEDM conduct experiments verify effectiveness proposed method. experimental show that (JCFG-VEDM) feasible effective.
hindawi.com参考文章(8)
Martín Abadi, Mihai Budiu, Úlfar Erlingsson, Jay Ligatti, Control-flow integrity principles, implementations, and applications ACM Transactions on Information and System Security. ,vol. 13, pp. 1- 40 ,(2009) , 10.1145/1609956.1609960
Ruan De Clercq, Ronald De Keulenaer, Bart Coppens, Bohan Yang, Pieter Maene, Koen De Bosschere, Bart Preneel, Bjorn De Sutter, Ingrid Verbauwhede, SOFIA: Software and control flow integrity architecture Computers & Security. ,vol. 68, pp. 16- 35 ,(2017) , 10.1016/J.COSE.2017.03.013
Nathanael R. Weidler, Dane Brown, Samuel A. Mitchell, Joel Anderson, Jonathan R. Williams, Austin Costley, Chase Kunz, Christopher Wilkinson, Remy Wehbe, Ryan Gerdes, Return-oriented programming on a resource constrained device Sustainable Computing: Informatics and Systems. ,vol. 22, pp. 244- 256 ,(2019) , 10.1016/J.SUSCOM.2018.10.002
M. V. Belyaev, N. V. Shimchik, V. N. Ignatyev, A. A. Belevantsev, Comparative Analysis of Two Approaches to Static Taint Analysis Programming and Computer Software. ,vol. 44, pp. 459- 466 ,(2018) , 10.1134/S036176881806004X
Karine Heydemann, Jean-François Lalande, Pascal Berthomé, Formally verified software countermeasures for control-flow integrity of smart card C code Computers & Security. ,vol. 85, pp. 202- 224 ,(2019) , 10.1016/J.COSE.2019.05.004
Sarwar Sayeed, Hector Marco-Gisbert, Ismael Ripoll, Miriam Birch, Control-flow integrity: attacks and protections Applied Sciences. ,vol. 9, pp. 4229- ,(2019) , 10.3390/APP9204229
Zhiwei Cao, Zhijie Fan, Haiye Huang, Xinming Yin, Application of SSL VPN Technology in Mobile Police Video Access Link Netinfo Security. ,vol. 17, pp. 1- ,(2017) , 10.3969/J.ISSN.1671-1122.2017.09.001
Jinfu Chen, Zufa Zhang, Bo Liu, Songling Qin, Jingyi Chen, Lingling Zhao, Yisong Liu, An Approach Based on the Improved SVM Algorithm for Identifying Malware in Network Traffic Security and Communication Networks. ,vol. 2021, ,(2021) , 10.1155/2021/5518909