Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software privacy leak behavior detection method and system based on virtualization technology

A virtualization technology and privacy leakage technology, applied in the direction of platform integrity maintenance, etc., can solve problems such as pollution, inability to obtain the precise location of polluted data from data analysis results, lack of upper-level information in instruction-level data, etc., to achieve effective analysis and detection Effect

Active Publication Date: 2014-08-27
INST OF INFORMATION ENG CAS
View PDF6 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Aiming at the problems existing in the current dynamic taint analysis of malicious codes that are limited to instruction-level data and lack of upper-level information, as well as the problems that the analysis results of the data in the kernel and the precise location of the tainted data in the process cannot be obtained, the purpose of the present invention is to provide a A method and system for detecting software privacy leakage behavior based on virtualization technology, adding modules such as instruction-level dynamic taint analysis, system information reconstruction, and dependency graph generation to virtual machines, through multi-level dynamic taints combining instruction-level and process-level Analysis method, the system can obtain a fine-grained taint dependency analysis graph, so as to obtain the path information of system pollution and high-level semantic information such as information leakage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software privacy leak behavior detection method and system based on virtualization technology
  • Software privacy leak behavior detection method and system based on virtualization technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The present invention will be further described below through specific examples and accompanying drawings.

[0030] This embodiment adopts linux software, and the steps of the linux software privacy leakage behavior detection method are as follows: figure 1 As shown, the corresponding system module composition is as follows figure 2 As shown, the specific description is as follows:

[0031] 1. Import the application to be analyzed into the virtual machine and run it.

[0032] By running the application program to be detected in a virtual machine (such as a QEMU virtual machine), the information of each executed instruction is monitored, and each module performs corresponding processing as required before the instruction is translated.

[0033] Specifically, by modifying its hardware simulation program in the virtual machine, taint tags can be added to the privacy-sensitive information of the user host, and the memory unit where the taint data is stored can be located...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a software privacy leak behavior detection method and system based on the virtualization technology. The software privacy leak behavior detection method includes the steps of loading software to be analyzed into a modified virtual machine for operation; then monitoring execution of instructions in the software operation process, when an application accesses a sensitive resource, signing related taint data, making a related taint propagation rule, on the premise, dynamically generating an instruction-level taint dependence graph, reconstructing translation according to the system, and dynamically generating a system process-level taint dependence graph; analyzing software privacy leak behaviors through a fine-grit taint dependence analysis graph. According to the software privacy leak behavior detection method and system, the fine-grit taint dependence analysis graph is obtained through an instruction-level and process-level combined multi-level dynamic taint analysis method, information of a system pollution path and high-level semantic information such as information leak can be accordingly obtained, and effective analysis and effective detection of the software privacy leak behaviors are achieved.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a virtualization technology-based software privacy leakage behavior detection method and system. Background technique [0002] With the continuous updating of computer and Internet technology, the technology of malicious software continues to develop, becoming one of the main threats to the security of information systems at present, and the harm of privacy leakage caused by malicious software is becoming increasingly serious. An important aspect of computer and Internet security. [0003] Malware detection is one of the hot issues of research at home and abroad. With the development of virtualization technology, new research methods for malware analysis and detection have emerged. These methods involve various theoretical methods and technologies, mainly including static software analysis and detection methods based on virtualization technology and dynamic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/53
CPCG06F21/53
Inventor 贾晓启王蕊张道娟
Owner INST OF INFORMATION ENG CAS
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com