检索结果-内蒙古大学图书馆

control flow-based opcode behavior analysis for Malware detection

COMPUTERS & SECURITY 2014年 44卷 65-74页

作者： Ding, Yuxin Dai, Wei Yan, Shengli Zhang, Yumei Shenzhen Univ Town Harbin Inst Technol Shenzhen Grad Sch Shenzhen 518055 Peoples R China Chinese Acad Sci State Key Lab Comp Architecture Inst Comp Technol Beijing 100864 Peoples R China

Opcode sequences from decompiled executables have been employed to detect malware. Currently, opcode sequences are extracted using text-based methods, and the limitation of this method is that the extracted opcode sequences cannot represent the true behaviors of an executable. To solve this issue, we present a control flow-based method to extract executable opcode behaviors. The behaviors extracted by this method can fully represent the behavior characteristics of an executable. To verify the efficiency of control flow-based behaviors, we perform a comparative study of the two types of opcode behavior analysis methods. The experimental results indicate that the proposed control flow-based method has a higher overall accuracy and a lower false positive rate. (C) 2014 Elsevier Ltd. All rights reserved.

关键词： Opcode sequence Malicious code detection control flow graph Machine learning Classification Security

来源：评论

学校读者我要写书评

暂无评论

GENERALIZED DOMINATORS

引用

INFORMATION PROCESSING LETTERS 1995年第4期53卷 193-200页

作者： GUPTA, R Department of Computer Science University of Pittsburgh Pittsburgh PA 15260 USA

The notion of dominators is generalized to include multiple-vertex dominators in addition to traditional single-vertex dominators. A multiple-vertex dominator of a vertex is a group of vertices that collectively dominate the vertex. An algorithm for computing immediate multiple-vertex dominators is presented. The immediate dominator information is expressed in the form of a directed acyclic graph referred to as the DDAG. The generalized dominator set of any vertex can be computed from the DDAG. The single-vertex dominator information restricts the propagation of loop invariant statements and array bound checks out of loops. Generalized dominator information avoids these restrictions.

关键词： control flow graph CODE OPTIMIZATION LOOP INVARIANTS ARRAY BOUND CHECKS CODE HOISTING

来源：评论

学校读者我要写书评

暂无评论

Measuring nesting

引用

IET SOFTWARE 2022年第6期16卷 543-557页

作者： Alrasheed, Hend Melton, Austin King Saud Univ Dept Informat Technol Univ StPOB 145111 Riyadh Saudi Arabia Kent State Univ Dept Comp Sci Kent OH USA

Nesting is a fundamental and very commonly used programming construct. In many cases, the wise use of nesting contributes significantly to a programming team elegantly designing a solution to a difficult problem. However, the ease with which nesting constructs may be created and the essentially unlimited depth and breadth to which they may exist also enable a programming team to create programs that may be extremely difficult to understand and maintain. In this paper, nesting and nesting metrics are examined. The authors begin the nesting examination/discussion with a precise definition of the scope of programme selection nodes. The term 'nodes' instead of 'statements' is used because this work is done on control flow graphs of programme modules. Although there has been much work done on metrics related to nesting, there has not been significant work done on metrics that focus entirely on nesting. Explicit definitions for nesting depth and nesting breadth metrics are given for programme modules. The metrics are validated by comparing them to probably the best known nesting metric, the MaCabe cyclomatic metric. Also, the metrics are compared to the standard lines of code metric. Further, a new nesting concept, the nesting tree, is discussed and it is proposed that nesting trees themselves could be useful nesting measurement values.

关键词： programming nesting depth metrics nesting breadth metrics nesting depth nesting measurement control flow graph nesting tree programming construct nesting constructs MaCabe cyclomatic metric flow graphs trees (mathematics) program modules software metrics program selection nodes

来源：评论

学校读者我要写书评

暂无评论

Computation of intraprocedural dynamic program slices

引用

INFORMATION AND SOFTWARE TECHNOLOGY 2003年第8期45卷 499-512页

作者： Mund, GB Mall, R Sarkar, S Indian Inst Technol Dept Comp Sci & Engn Kharagpur 721302 W Bengal India

Dynamic slicing algorithms are used in interactive applications such as program debugging and testing. Therefore, these algorithms need to be very efficient. In this context, we propose three intraprocedural dynamic slicing algorithms which are more space and time efficient than the existing algorithms. Two of the proposed algorithms compute precise dynamic slices of structured programs using Program Dependence graph as an intermediate representation. To compute precise dynamic slices of unstructured programs, we introduce the concepts of jump dependence and Unstructured Program Dependence graph. The third algorithm uses Unstructured Program Dependence graph as the intermediate program representation, and computes precise dynamic slices of unstructured programs. We show that each of our proposed algorithms is more space and time efficient than the existing algorithms. (C) 2003 Elsevier Science B.V. All rights reserved.

关键词： program slicing static slicing dynamic slicing program debugging control flow graph program dependence graph unstructured program dependence graph

来源：评论

学校读者我要写书评

暂无评论

Optimal test sequence generation using firefly algorithm

引用

SWARM AND EVOLUTIONARY COMPUTATION 2013年 8卷 44-53页

作者： Srivatsava, Praveen Ranjan Mallikarjun, B. Yang, Xin-She BITS Pilani Dept Comp Sci & Informat Syst Pilani Rajasthan India Univ Cambridge Dept Engn Cambridge CB2 1PZ England Middlesex Univ Sch Sci & Technol London NW4 4BT England

Software testing is an important but complex part of software development life cycle. The optimization of the software testing process is a major challenge, and the generation of the independent test paths remains unsatisfactory. In this paper, we present an approach based on metaheuristic firefly algorithm to generate optimal test paths. In order to optimize the test case paths, we use a modified firefly algorithm by defining appropriate objective function and introducing guidance matrix in traversing the graph. Our simulations and comparison show that the test paths generated are critical and optimal paths. (C) 2012 Elsevier B.V. All rights reserved.

关键词： Firefly algorithm State transition diagram Objective Function Cyclometic complexity control flow graph

来源：评论

学校读者我要写书评

暂无评论

A framework for quantitative evaluation of parallel control-flow obfuscation

引用

COMPUTERS & SECURITY 2012年第8期31卷 886-896页

作者： Huang, Yu-Lun Tsai, Hsin-Yi Natl Chiao Tung Univ Inst Elect Control Engn Hsinchu Taiwan

Software obfuscation is intended to protect a program by thwarting reverse engineering. Several types of software obfuscation have been proposed, and control-flow obfuscation is a commonly adopted one. In this paper, we present a framework to evaluate parallel control-flow obfuscation, which raises difficulty of reverse engineering by increasing parallelism of a program. We also define a control flow graph of a program and some atomic operators for obfuscating transformations. The proposed framework comprises three phases: parsing, formalization and evaluation. A program is first parsed to a control flow graph. Then, we formalize a parallel control-flow obfuscating transformation based on our atomic operators. By selecting target code blocks in the control flow graph and applying obfuscating transformations to the target code blocks, the original program is then obfuscated. In the third phase, we define a measure to calculate the program complexity. The measure can be considered as a degree to which an obfuscating transformation can confuse a human trying to understand the obfuscated program. Such a measure can also be used as the base of the potency metric to estimate the capability of the obfuscated program against reverse engineering. Our novel framework helps efficiently examine a control-flow obfuscating transformation in a systematic manner and helps select an appropriate obfuscating transformation among a number of candidates to better protect a program. (C) 2012 Elsevier Ltd. All rights reserved.

关键词： Software obfuscation Security evaluation Reverse engineering Software metrics control flow graph

来源：评论

学校读者我要写书评

暂无评论

PaddyFrog: systematically detecting confused deputy vulnerability in Android applications

引用

SECURITY AND COMMUNICATION NETWORKS 2015年第13期8卷 2338-2349页

作者： Wu, Jianliang Cui, Tingting Ban, Tao Guo, Shanqing Cui, Lizhen Shandong Univ Jinan 250100 Peoples R China Natl Inst Informat & Commun Technol Tokyo Japan

An enormous number of applications have been developed for Android in recent years, making it one of the most popular mobile operating systems. However, it is obvious that more vulnerabilities would appear along with the booming amounts of applications. Poorly designed applications may contain security vulnerabilities that can dramatically undermine users' security and privacy. In this paper, we studied a kind of recently reported application vulnerability named confused deputy - a specific type of privilege escalation vulnerability, which can result in unauthorized operations, and so on. We proposed a novel system with code-level static analysis to analyze the applications and automatically detect possible confused deputy vulnerabilities. To tackle analysis challenges imposed by Android's component-based programming paradigm, we employed special control flow graph construction techniques to build call relations among components and function call graph within components. We developed a prototype of this system named PaddyFrog and evaluated with 7190 real world Android applications from two of the most popular markets in China. We found 1240 applications with confused deputy vulnerability and proved to be exploitable. The median execution time of this system on an application is 14.4s, which is fast enough to be used in volumes of applications testing scenarios. Copyright (c) 2015 John Wiley & Sons, Ltd.

关键词： static analysis confused deputy attack privilege escalation attack control flow graph

来源：评论

学校读者我要写书评

暂无评论

Visualization and Formalization of User Constraints for Tight Estimation of Worst-Case Execution Time

引用

IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS 2009年第1期E92D卷 24-31页

作者： Lee, Jong-In Bang, Ho-Jung Kim, Tai-Hyo Cha, Sung-Deok Korea Univ Dept Comp Sci & Engn Seoul South Korea Korea Adv Inst Sci & Technol Dependable Software Lab Div Comp Sci Taejon 305701 South Korea

Automated static timing analysis methods provide a safe but usually overestimated worst-case execution time (WCET) due to infeasible execution paths. In this paper, we propose a visual language, User Constraint Language (UCL), to obtain a tight WCET estimation. UCL provides intuitive visual notations with which users can easily specify various levels of flow information to characterize valid execution paths of a program. The user constraints specified in UCL are translated into finite automata. The combined automaton, constructed by a cross-production of the automata for program and user constraints. reflects the static structure and possible dynamic behavior of the program. It contains only the execution paths satisfying user constraints. A case study using part of a software program for satellite flight demonstrates the effectiveness of UCL and our approach.

关键词： worst-case execution time user constraint control flow graph finite automata

来源：评论

学校读者我要写书评

暂无评论

BovdGFE: buffer overflow vulnerability detection based on graph feature extraction

引用

APPLIED INTELLIGENCE 2023年第12期53卷 15204-15221页

作者： Lv, Xinghang Peng, Tao Chen, Jia Liu, Junping Hu, Xinrong He, Ruhan Jiang, Minghua Cao, Wenli Wuhan Text Univ Sch Comp Sci & Artificial Intelligence Wuhan 430200 Hubei Peoples R China Hubei Prov Engn Res Ctr Intelligent Text & Fash Wuhan 430200 Hubei Peoples R China Engn Res Ctr Hubei Prov Clothing Informat Wuhan 430200 Hubei Peoples R China

Automatically detecting buffer overflow vulnerabilities is an important research topic in software security. Recent studies have shown that vulnerability detection performance utilizing deep learning-based techniques can be significantly enhanced. However, due to information loss during code representation, existing approaches cannot learn the features associated with vulnerabilities, leading to a high false negative rate (FNR) and low precision. To resolve the existing problems, we propose a method for buffer overflow vulnerability detection based on graph feature extraction (BovdGFE) in C/C++ programs. BovdGFE constructs the buffer overflow function samples. Then, we present a new representation structure, code representation sequence (CoRS), which incorporates the control flow, data dependencies, and syntax structure of the vulnerable code for reducing information loss during code representation. After the function samples are transformed into CoRS, a deep learning model is used to learn vulnerable features and perform vulnerability classification. The results of the experiments show that BovdGFE improves the precision and FNR by 6.3% and 3.9% respectively compared with state-of-the-art methods, which can significantly improve the capability of vulnerability detection.

关键词： Vulnerability detection Abstract syntax tree control flow graph Data dependency graph Code representation Deep learning

来源：评论

学校读者我要写书评

暂无评论

CoSS: Leveraging Statement Semantics for Code Summarization

引用

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING 2023年第6期49卷 3472-3486页

作者： Shi, Chaochen Cai, Borui Zhao, Yao Gao, Longxiang Sood, Keshav Xiang, Yong Deakin Univ Sch Informat Technol Geelong Vic 3220 Australia Qilu Univ Technol Shandong Acad Sci Jinan 250103 Shandong Peoples R China

Automated code summarization tools allow generating descriptions for code snippets in natural language, which benefits software development and maintenance. Recent studies demonstrate that the quality of generated summaries can be improved by using additional code representations beyond token sequences. The majority of contemporary approaches mainly focus on extracting code syntactic and structural information from abstract syntax trees (ASTs). However, from the view of macro-structures, it is challenging to identify and capture semantically meaningful features due to fine-grained syntactic nodes involved in ASTs. To fill this gap, we investigate how to learn more code semantics and control flow features from the perspective of code statements. Accordingly, we propose a novel model entitled CoSS for code summarization. CoSS adopts a Transformer-based encoder and a graph attention network-based encoder to capture token-level and statement-level semantics from code token sequence and control flow graph, respectively. Then, after receiving two-level embeddings from encoders, a joint decoder with a multi-head attention mechanism predicts output sequences verbatim. Performance evaluations on Java, Python, and Solidity datasets validate that CoSS outperforms nine state-of-the-art (SOTA) neural code summarization models in effectiveness and is competitive in execution efficiency. Further, the ablation study reveals the contribution of each model component.

关键词： Attention mechanism code summarization control flow graph graph neural network

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：