Research on Software Trust Analysis Based on Behavior

Yingxu LAI  Wenwen ZHANG  Zhen YANG  

IEICE TRANSACTIONS on Information and Systems   Vol.E97-D   No.3   pp.488-496
Publication Date: 2014/03/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E97.D.488
Print ISSN: 0916-8532
Type of Manuscript: PAPER
Category: Software Engineering
trust,  software behavior,  system call,  state-layer,  state graph,  

Full Text: PDF(1.6MB)>>
Buy this Article

In this paper, we propose a new trusted modeling approach based on state graphs. We introduce a novel method of deriving state-layer from a system call sequence in terms of probability and statistics theory, and we identify the state sequence with the help of Hidden Markov Model (HMM). We generate state transition graph according to software executing process and pruning rules. Then, we separate local function graphs according to software specific functions by semantic analysis. The state-layer is a bridge between the basic behaviors and the upper layer functions of software to compensate semantic faults. In addition, a pruning strategy of formulating state graphs is designed to precisely describe each piece of software functions. Finally, a detecting system based on our model is proposed, and a case study of RSS software reveals how our system works. The results demonstrate that our trusted model describes software behaviors successfully and can well detect un-trust behaviors, anomaly behaviors, and illegal input behaviors.