Identifying communications of running programs through their assembly level execution traces




Huang, Huihui

Understanding the communications between programs can help software security engineers understand the behaviour of a system and detect vulnerabilities in it. Assembly-level execution traces are used for this purpose for two reasons: 1) the source code of the running programs is not available, and 2) assembly-level execution traces provide the most accurate run-time behaviour information. In this thesis, I present a communication analysis approach using such execution traces. I first model message-based communication in the context of trace analysis. Then I develop a method and the necessary algorithms to identify communications from a dual trace, which consists of two assembly-level execution traces. A prototype is developed for communication analysis. Finally, I conduct two experiments on the communication analysis of interacting programs. These two experiments show the usefulness of the designed communication analysis approach, the developed algorithms and the implemented prototype.



Assembly trace analysis, communication analysis, software security, vulnerability, dynamic analysis