A Practical Covert Channel Identification Approach in Source Code Based on Directed Information Flow Graph

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement Pub Date : 2011-06-27 DOI:10.1109/SSIRI.2011.17

Jingzheng Wu, Liping Ding, Yongji Wang, Wei Han

{"title":"A Practical Covert Channel Identification Approach in Source Code Based on Directed Information Flow Graph","authors":"Jingzheng Wu, Liping Ding, Yongji Wang, Wei Han","doi":"10.1109/SSIRI.2011.17","DOIUrl":null,"url":null,"abstract":"Covert channel analysis is an important requirement when building secure information systems, and identification is the most difficult task. Although some approaches were presented, they are either experimental or constrained to some particular systems. This paper presents a practical approach based on directed information flow graph taking advantage of the source code analysis. The approach divides the whole system into serval independent modules and analyzes them respectively. All the shared variables and their caller functions are found out from the source codes and modeled into directed information flow graphs. When the information flow branches are visible and modifiable to the external interface, a potential covert channel exists. Contributions made in this paper are as follows: a modularized analysis scheme is proved and reduces the workloads of identifying, a directed information flow graph algorithm is presented and used to model the covert channels, more than 30 covert channels have been identified in Linux kernel source code using this scheme, and a typical channel scenario is constructed.","PeriodicalId":224250,"journal":{"name":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 Fifth International Conference on Secure Software Integration and Reliability Improvement","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SSIRI.2011.17","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Covert channel analysis is an important requirement when building secure information systems, and identification is the most difficult task. Although some approaches were presented, they are either experimental or constrained to some particular systems. This paper presents a practical approach based on directed information flow graph taking advantage of the source code analysis. The approach divides the whole system into serval independent modules and analyzes them respectively. All the shared variables and their caller functions are found out from the source codes and modeled into directed information flow graphs. When the information flow branches are visible and modifiable to the external interface, a potential covert channel exists. Contributions made in this paper are as follows: a modularized analysis scheme is proved and reduces the workloads of identifying, a directed information flow graph algorithm is presented and used to model the covert channels, more than 30 covert channels have been identified in Linux kernel source code using this scheme, and a typical channel scenario is constructed.

查看原文本刊更多论文

一种实用的基于有向信息流图的源代码隐蔽信道识别方法

隐蔽信道分析是构建安全信息系统的重要要求，而识别隐蔽信道是最困难的任务。虽然提出了一些方法，但它们要么是实验性的，要么仅限于某些特定的系统。本文利用源代码分析的优势，提出了一种基于有向信息流图的实用方法。该方法将整个系统划分为几个独立的模块，并分别进行分析。从源代码中找出所有共享变量及其调用函数，并将其建模为有向信息流图。当信息流分支对外部接口可见且可修改时，就存在潜在的隐蔽通道。本文的贡献如下:证明了一种模块化的分析方案，减少了识别的工作量;提出了一种有向信息流图算法，并将其用于隐蔽通道的建模;利用该方案在Linux内核源代码中识别了30多个隐蔽通道，并构建了一个典型的通道场景。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2011 Fifth International Conference on Secure Software Integration and Reliability Improvement

自引率

0.00%

发文量