2015 | OriginalPaper | Chapter
Lightweight Function Pointer Analysis
Authors : Wei Zhang, Yu Zhang
Published in: Information Security Practice and Experience
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
How to detect and classify the huge malware samples received every day is a major challenge of security area. In recent years, using function call graph to detect and classify malicious software has become a feasible method. As the basic technology of call graph construction, function pointer analysis becomes more noticeable. Previous works often use the result of pointer analysis to determine the possible targets of function pointer calls. However, the inherent complexity and efficiency problem of the pointer analysis often leads to unsatisfactory results when applied to practical programs. This paper presents a strong connected component (SCC) level flow-sensitive and context-sensitive function pointer analysis algorithm (referred as FP algorithm). This algorithm not only makes up for the speed deficiency of pointer analysis, but also obtains higher precision. Measurements for 8 practical C programs show that FP algorithm advances 42.6 times on average compared with DSA algorithm and the precision is also improved.