|
This article is cited in 2 scientific papers (total in 2 papers)
Natch: using virtual machine introspection and taint analysis for detection attack surface of the software
P. M. Dovgalyukab, M. A. Klimushenkovaa, N. I. Fursovaa, V. M. Stepanova, I. A. Vasilieva, A. A. Ivanova, A. V. Ivanova, M. G. Bakulina, D. I. Egorova a Ivannikov Institute for System Programming of the RAS
b Yaroslav-the-Wise Novgorod State University
Abstract:
Natch is a tool that provides a convenient way of obtaining an attack surface. By attack surface we mean a list of executable files, dynamic libraries and functions that are responsible for input data processing (such as: files, network packets) during task execution. Functions that end up in the attack surface are possible sources of software vulnerabilities, so they should be given an increased attention during an analysis. At the heart of the Natch tool lay improved methods of tainted data tracking and virtual machines introspection. Natch is built on the basis of the full-system QEMU emulator, so it allows you to analyze any system components, including even the OS kernel and system drivers. The collected attack surface data is visualized by SNatch, which is tool for data post-processing and GUI implementation. SNatch comes with Natch tool by default. Attack surface obtaining can be built into CI/CD for integrational and system testing. A refined attack surface will increase the effectiveness of functional testing and fuzzing in the life cycle of secure software.
Keywords:
dynamic analysis, introspection, taint analysis, qemu, instrumentation, natch
Citation:
P. M. Dovgalyuk, M. A. Klimushenkova, N. I. Fursova, V. M. Stepanov, I. A. Vasiliev, A. A. Ivanov, A. V. Ivanov, M. G. Bakulin, D. I. Egorov, “Natch: using virtual machine introspection and taint analysis for detection attack surface of the software”, Proceedings of ISP RAS, 34:5 (2022), 89–110
Linking options:
https://www.mathnet.ru/eng/tisp723 https://www.mathnet.ru/eng/tisp/v34/i5/p89
|
Statistics & downloads: |
Abstract page: | 33 | Full-text PDF : | 16 |
|