О некоторых ограничениях полносистемного анализа помеченных данных «
https://doi.org/10.15514/ISPRAS-2016-28(6)-1
Аннотация
Об авторах
М. А. КлимушенковаРоссия
М. Г. Бакулин
Россия
В. А. Падарян
Россия
П. М. Довгалюк
Россия
Н. И. Фурсова
Россия
И. А. Васильев
Россия
Список литературы
1. Portokalidis G., Slowinska A., Bos H. Argos: An emulator for fingerprinting zero-day attacks for advertised honeypots with automatic signature generation. Proceedings of the 1st ACMSIGOPS/EuroSys European Conference on Computer Systems. New York. 2006. pp. 15-27.
2. Srinivasan D., Jiang X. Timescope: Time-Traveling Forensic Analysis of VM-Based High-Interaction Honeypots. In: Security and Privacy in Communication Networks: 7th International ICST Conference, SecureComm 2011, London, UK, September 7-9, 2011, Revised Selected Papers. Springer Berlin Heidelberg, 2012. pp. 209-226.
3. Kemerlis V.P., Portokalidis G., Jee K., Keromytis A.D. libdft: practical dynamic data flow tracking for commodity systems. VEE. 2012. pp. 121-132.
4. Clause J.A., Li W., Orso A. Dytan: a generic dynamic taint analysis framework. ISSTA. 2007. pp. 196-206.
5. Bosman E., Slowinska A., Bos H. Minemu: The World's Fastest Taint Tracker. RAID. 2011. Vol. 6961. pp. 1-20.
6. J. Chow, B. Pfaff, T. Garfinkel, K. Christopher, and M. Rosenblum, “Understanding data lifetime via whole system simulation,” in Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13, ser. SSYM’04. Berkeley, CA, USA: USENIX Association [Электронный ресурс]
7. Henderson A., Prakash A., Yan L.K., Hu X., Wang X., Zhou R., Yin H. Make it work, make it right, make it fast: building a platform-neutral whole-system dynamic binary analysis platform. The International Symposium on Software Testing and Analysis (ISSTA'14). San Jose. 2014.
8. R. Whelan T.L.D.K. Architecture-independent dynamic information flow tracking. Proceedings of the 22Nd International Conference on Compiler Construction. Berlin. 2013.
9. Lattner C., Adve V. LLVM: A compilation framework for lifelong program analysis & transformation. Proceedings of the 2004 International Symposium on Code Generation and Optimization. 2004.
10. Официальный сайт «Clang» [Электронный ресурс]. http://clang.llvm.org/ (дата обращения: 29.09.2015).
11. Raffetseder T., Kruegel C., Kirda E. Detecting system emulators. Proceedings of the 10th International Conference on Information Security. 2007. pp. 1 - 18.
12. Kang M.G., McCamant S., Poosankam P., Song D. DTA++: dynamic taint analysis with targeted control-flow propagation. Proceedings of the Network and Distributed System Security Symposium. San Diego. 2011.
Рецензия
Для цитирования:
Климушенкова М.А., Бакулин М.Г., Падарян В.А., Довгалюк П.М., Фурсова Н.И., Васильев И.А. О некоторых ограничениях полносистемного анализа помеченных данных «. Труды Института системного программирования РАН. 2016;28(6):11-26. https://doi.org/10.15514/ISPRAS-2016-28(6)-1
For citation:
Klimushenkova M.A., Bakulin M.G., Padaryan V.A., Dovgalyuk P.M., Fursova N.I., Vasiliev I.A. On Some Limitations of Information Flow Tracking in Full-system Emulators. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2016;28(6):11-26. (In Russ.) https://doi.org/10.15514/ISPRAS-2016-28(6)-1