JSW 2014 Vol.9(3): 560-568 ISSN: 1796-217X
doi: 10.4304/jsw.9.3.560-568
doi: 10.4304/jsw.9.3.560-568
DYBS: A Lightweight Dynamic Slicing Framework for Diagnosing Attacks on x86 Binary Programs
Erzhou Zhu1, Feng Liu1, Xianyong Fang1, Xuejun Li1, Yindong Yang2, Alei Liang2
1Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education & School of Computer
Science and Technology, Anhui University, Hefei, China
2Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
Abstract—Nowadays, applications are usually large-scale, this making tasks of comprehending and debugging software rather complicated. As a dynamic reduction technique for simplifying programs, dynamic program slicing is an effective and important approach for locating and diagnosing software attacks. However, most of the existing dynamic slicing tools perform slicing at the source code level, but the source code of most software is hard to acquire in practice. In order to cope with this issue, a novel lightweight dynamic slicing framework---DYBS, is proposed for diagnosing attacks on x86 binary programs. During the execution, DYBS first gathers the runtime profile information of the target program. Once the attack is encountered and set as the slicing criterion, the normal execution terminates, and a backward program slicing is started to locate the vulnerabilities. Furthermore, a Function Call Filtration optimization mechanism is proposed to improve the performance of the framework. It is proved in the experiments that DYBS can diagnose software attacks with much lower overhead than many other similar analyzing systems.
Index Terms—Dynamic Program Slicing, Dynamic Binary Analysis, Attack Diagnosis, Software Security
2Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
Abstract—Nowadays, applications are usually large-scale, this making tasks of comprehending and debugging software rather complicated. As a dynamic reduction technique for simplifying programs, dynamic program slicing is an effective and important approach for locating and diagnosing software attacks. However, most of the existing dynamic slicing tools perform slicing at the source code level, but the source code of most software is hard to acquire in practice. In order to cope with this issue, a novel lightweight dynamic slicing framework---DYBS, is proposed for diagnosing attacks on x86 binary programs. During the execution, DYBS first gathers the runtime profile information of the target program. Once the attack is encountered and set as the slicing criterion, the normal execution terminates, and a backward program slicing is started to locate the vulnerabilities. Furthermore, a Function Call Filtration optimization mechanism is proposed to improve the performance of the framework. It is proved in the experiments that DYBS can diagnose software attacks with much lower overhead than many other similar analyzing systems.
Index Terms—Dynamic Program Slicing, Dynamic Binary Analysis, Attack Diagnosis, Software Security
Cite: Erzhou Zhu, Feng Liu, Xianyong Fang, Xuejun Li, Yindong Yang, Alei Liang, "DYBS: A Lightweight Dynamic Slicing Framework for Diagnosing Attacks on x86 Binary Programs," Journal of Software vol. 9, no. 3, pp. 560-568, 2014.
General Information
ISSN: 1796-217X (Online)
Frequency: Quarterly
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, CNKI, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsweditorialoffice@gmail.com
-
Mar 01, 2024 News!
Vol 19, No 1 has been published with online version [Click]
-
Jan 04, 2024 News!
JSW will adopt Article-by-Article Work Flow
-
Apr 01, 2024 News!
Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec) [Click]
-
Apr 01, 2024 News!
Papers published in JSW Vol 18, No 1- Vol 18, No 6 have been indexed by DBLP [Click]
-
Nov 02, 2023 News!
Vol 18, No 4 has been published with online version [Click]