| Covert channels were first proposed more than 30 years ago. Through the research of domestic and international experts and scholars, a number of detection methods and prevention measures now exist. In large information systems, covert channels have become a primary security problem. To ensure the confidentiality and integrity of information, a secure information system must analyse and detect them. Static analysis technology has a pivotal position in security auditing. Many commercial and open source tools for static testing now exist, and they make a great contribution to the security of information systems. In this paper, we use Fortify SCA to detect covert channels and create a custom rule for covert channels. Using the custom rule and Fortify SCA, we dynamically detect covert channels in information systems. Building on current research, this article solves the problem of analysing information flow automatically. It puts forward the expanded information flow, the information flow tree and the information flow graph, and constructs an automatic covert channel detection system based on Fortify SCA. This paper gives the background, definition and research status at home and abroad of covert channels and, based on an analysis of covert channels, builds an automatic covert channel detection tool. The tool relies on Fortify SCA: the covert channel detection system is constructed on Fortify's powerful static detection engine and good scalability. First, we analyse the covert channel detection methods that already exist and select the appropriate method to serve as the rules of our system. This paper uses the semantic information flow method as the foundation, constructing information flow rules and generating the information flow graph of each function. Custom information flow rules are then built from this information flow graph. Finally, the rule is verified through experiment. In this process, we select as input source code containing covert channels that already exist and have not been detected.
We analyse the correctness and availability of the custom rules, and finally give the conclusion and analysis of the custom rule. |