Taint Graph of System Call Arguments for Intrusion Detection in Mobile Intelatrac


Abstract:

The intended data flow in a vulnerable program can be subverted by attacks that exploit buffer overflows or format string vulnerabilities to write data to unintended locations. In mobile telecommunication, data safety is especially important. These attacks can be classified into two types: control-flow attacks exploit buffer overflows or other vulnerabilities to overwrite a return address, a function pointer, or some other piece of control data; non-control-data attacks exploit similar vulnerabilities to overwrite security-critical data without subverting the intended control flow of the program. Control-flow attacks are well studied and widely used, so there are several typical approaches to prevent them, which monitor the sequence of system calls emitted by the monitored application and use the control-flow information of those system calls for intrusion detection. Non-control-data attacks, however, are rare because they rely on specific semantics of the target applications, and only a few works defend against them to some extent. In this paper, to prevent non-control-data attacks, we leverage a dynamic taint technique to track the instruction-level relationships between different system call arguments and construct a taint graph that can represent the behavior profile of a benign program.


Info:

Periodical:

Advanced Materials Research (Volumes 546-547)

Pages:

1101-1106

Online since:

July 2012

Copyright:

© 2012 Trans Tech Publications Ltd. All Rights Reserved
