Title: Manipulating Program Input Testing to Automatically Generate System Attack Data
Controllable Taintedness for Automated Exploit Generations
Author: 黃世昆 (HUANG SHIH-KUN)
Department (Institute) of Computer Science, National Chiao Tung University
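Keywords: Software Testing; Secure Programming; Exploit Generator; Symbolic Execution; Zero-Day Attacks
Publication date: 2010
Abstract: A region of a program that a user may execute only with proper authorization is what we call a "forbidden area" of the program. This project will apply full-coverage testing methods to generate suitable input data that can enter a forbidden area without authorization data, in order to verify whether the system program contains possible security defects. To enter a forbidden area, we must design a complete framework that integrates program failure detection, input taint tracking, concolic execution, and high-level property verification. If the program fails, and in particular if control data is corrupted, the execution state enters a tainted and unstable condition. On this basis, we will test whether this control data can be manipulated, which we call taint controllability. This project will generate test data to verify whether the forbidden area can be entered automatically.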
We call a code section that unauthorized users cannot execute without normal authorization a forbidden area (FA). We want to explore whether a full-path-coverage tester can generate suitable input that enters a forbidden area of a software system without authorization, especially on mobile platforms. To enter the FA, we will design a framework whose components integrate a failure detector, a taint tracker, a concolic tester, and a high-level property checker. If we encounter a software failure, especially one with corrupted control and data state, the execution will have been brought into a fuzz state by some kind of tainted input. Given such uncontrolled input, we want to test whether it is controllable tainted input, a property we call its taintedness. The project will generate input to enter the FA automatically and will be evaluated on several benchmark programs for which fuzzers like zzuf and catchconv do not currently produce plausible input.
Official document #: NSC99-2221-E009-120
URI: http://hdl.handle.net/11536/99894
https://www.grb.gov.tw/search/planDetail?id=2109535&docId=336838
Appears in collection: Research Projects