It is difficult to dynamically assess the runtime trustworthiness of a software program. Improperly validated user input is the underlying root cause for a wide variety of attacks on applications. This paper proposes an approach for constructing a trusted software behaviour model related with the input data for identifying and tracking the insecure information flows based on dynamic tainting analysis and dynamic slicing technology. It can tag and track user input at runtime and prevents its improper use to maliciously affect the execution of the program. We regard an instruction as a basic analysis unit and focus on information flow caused by variable assignment, the information flow of each instruction is defined as its behaviour specification. During the execution, instructions that use untrusted variable are tracked to determine whether the address modified by the instructions belongs to the specification or not. A method of extraction and checking of the behaviour specification was researched and designed. In order to prove for efficiency and performance of the model, a set of tests were conducted, and preliminary results show the validity of our approach.
Wang, Dan; Dong, Min; and Zhao, Wenbing
"An Input Data Related Behavior Extracting and Measuring Model,"
Applied Mathematics & Information Sciences: Vol. 07:
2, Article 35.
Available at: https://digitalcommons.aaru.edu.jo/amis/vol07/iss2/35