| Buffer overflow has been associated with the development of a computer.In many areas of modern information technology, the buffer overflow is almost synonymous with vulnerability. With the popularity of the Internet, buffer overflow attack impacts large range;attacks in a short time;spreads fast and so on. To successfully overcome these powerful attack, we need automatic and efficient detection of buffer overflow and attack filtering mechanisms. Based on this requirement, funnywei created a Taint Data Transmit Analysis Model, and put forward data flow tracking ideas for the first time in 2003.After the introduction of Dynamic Instrumentation Technology, numbers of dynamic data flow tracking analysis model, such as Argos and TaintCheck, have emergedThis paper is to solve the problem of TaintCheck, which is a powerful Dynamic Taint Analysis model ,but it consumes large memory and run slowly. First we repalce the TaintStructure of TaintCheck with a the Dynamic Two-level Table, which similars to page table structure, and then use Function Call Stack and LSC Algorithm to replace the Overflow Back Mechanism and Signature Extraction Function. The improved dynamic taint analysis model not only retains all the features of TaintCheck, but also reduces memory consumption and improves the system efficiency.Through the testing of several commercial software, the effectiveness and correctness of improved dynamic taint analysis model has been proved to achieve the expected goal, and it successfully reduces the resource consumption to a reasonable range.So it is reasonable to believe that the improved dynamic taint analysis model can provide more efficient real-time defense and automated analysis. This can improve the quality of software; detect software vulnerabilities and reduce the losses. |
PDF Full Text Request