Method of Monitoring Correctness of Execution of Processes in Operating Systems by Control of Dimensional Systems of Variables
Abstract
A problem of monitoring the correctness of calculations faces developers of software products for any operating system. In this case, both determine the moment of incorrect calculation and localize the process commands are led to incorrect calculations is needed. Approaches based on a control timer, process duplication, or endpoint detection and response methods are either redundant or have no guarantees for the localization of computational disruptions in the shortest possible time.
The paper proposes an approach to monitoring the correctness of process execution. The approach is based on the method of program variables dimensions control. This method allows you to detect disruptions of the calculations performing by the process after execution of an incorrect computational command. The method is based on modeling linear blocks of program by dimensions of variables using in calculations. Detection of calculations’ disruptions is implemented while monitoring the control flow of the executing process. As a result, this method is a way to control the execution of basic blocks of the program.
The method makes it possible to recognize the anomalies of processes execution using the variables dimensional model. Detection of disruptions by the method can be executed regardless of reasons of a process execution disruption. However, this method does not allow you to determine the causes of disruptions.
Approaches to implementing this method using the capabilities of operating systems and using hardware are considered. The limitation of the method has been revealed, which comes from the requirement for the ability to monitor the executed by process computational instructions.
References
2. Petrenko S.A., Kostyukov A.D. Hybrid Security Threat Monitoring. Zaŝita informacii. Inside. 2020;(2):4-16. (In Russ., abstract in Eng.) EDN: UUKTLC
3. Bukhanov D.G., Sulokhin D.V. Detection of malware based on the classification of source code graphs. Proceedings of the TUSUR University. 2018;21(3):30-34. (In Russ., abstract in Eng.) https://doi.org/10.21293/1818-0442-2018-21-3-30-34
4. Skvortsov A.A. Design and implementation of multitasking embedded control systems on microcontrollers: operating system or state machines? Programmnaya Ingeneria = Software Engineering. 2019;10(7-8);311-316. (In Russ., abstract in Eng.) https://doi.org/10.17587/prin.10.311-316
5. Lebedyantsev V.V. Generalized invariant method messaging and assessment of its information security. Infocommunicationnye Technologii. 2014;12(3):28-32. (In Russ., abstract in Eng.) EDN: THAWHT
6. Bonfante G., Kaczmarek M., Marion J.Y. Architecture of a morphological malware detector. Journal in Computer Virology. 2009;5:263-270. https://doi.org/10.1007/s11416-008-0102-4
7. Ismail M., et al. Enforcing C/C++ Type and Scope at Runtime for Control-Flow and Data-Flow Integrity. In: Proceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 3 (ASPLOS '24), Vol. 3. New York, NY, USA: Association for Computing Machinery; 2024. p. 283-300. https://doi.org/10.1145/3620666.3651342
8. Shahini S., Zhang M., Payer M., Ricci R. Arvin: Greybox Fuzzing Using Approximate Dynamic CFG Analysis. In: Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security (ASIA CCS '23). New York, NY, USA: Association for Computing Machinery; 2023. p. 232-246. https://doi.org/10.1145/3579856.3582813
9. Kulyamin V.V. Prospects for the integration of software verification methods. Proceedings of the Institute for System Programming. 2009;16(1):73-88. (In Russ., abstract in Eng.) EDN: MWEEWP
10. Kovalev V.V., Kompanietc R.I., Novikov V.A. Verification of Programs Based on Similarity. Informatics and Automation (SPIIRAS Proceedings). 2015;(1):233-245. (In Russ., abstract in Eng.) EDN: TQURCF
11. Kharzhevskaya A.V., Lomako A.G., Petrenko S.A. Representing Programs with Similarity Invariants for Monitoring Tampering with Calculations. Voprosy Kiberbezopasnosti. 2017;(2):9-20. (In Russ., abstract in Eng.) https://doi.org/10.21581/2311-3456-2017-2-9-20
12. Kharzhevskaya A.V., Lomako A.G., Petrenko S.A. Audit of Safety Based on Multilateral Invariants of Similarity. Zaŝita informacii. Inside. 2018;(2):22-33. (In Russ., abstract in Eng.) EDN: YVTAVP
13. Young M., Tevanian A., Rashid R., Golub D., Eppinger J. The duality of memory and communication in the implementation of a multiprocessor operating system. ACM SIGOPS Operating Systems Review. 1987;21(5):63-76. https://doi.org/10.1145/37499.37507
14. Liu X., et al. Adonis: Practical and Efficient Control Flow Recovery through OS-level Traces. ACM Transactions on Software Engineering and Methodology. 2024;33(1):2. https://doi.org/10.1145/3607187
15. Conrado G.K., et al. Exploiting the Sparseness of Control-Flow and Call Graphs for Efficient and On-Demand Algebraic Program Analysis. Proceedings of the ACM on Programming Languages. 2023;7(OOPSLA2):292. https://doi.org/10.1145/3622868
16. Ramsey N. Beyond Relooper: recursive translation of unstructured control flow to structured control flow (functional pearl). Proceedings of the ACM on Programming Languages. 2022;6(ICFP):90. https://doi.org/10.1145/3547621
17. Mishra T., et al. A Procrastinating Control-Flow Integrity Framework for Periodic Real-Time Systems. In: Proceedings of the 31st International Conference on Real-Time Networks and Systems (RTNS '23). New York, NY, USA: Association for Computing Machinery; 2023. p. 132-142. https://doi.org/10.1145/3575757.3575762
18. Mishra T., Chantem T., Gerdes R. Survey of Control-flow Integrity Techniques for Real-time Embedded Systems. ACM Transactions on Embedded Computing Systems. 2022;21(4):41. https://doi.org/10.1145/3538275
19. Abadi M., Budiu M., Erlingsson U., Ligatti J. Control-flow integrity principles, implementations, and applications. ACM Transactions on Information and System Security. 2009;13(1):4. https://doi.org/10.1145/1609956.1609960
20. Wagner D., Dean R. Intrusion detection via static analysis. In: Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001, Oakland, CA, USA: IEEE Press; 2001. p. 156-168. https://doi.org/10.1109/SECPRI.2001.924296
21. Koppel J., Kearl J., Solar-Lezama A. Automatically deriving control-flow graph generators from operational semantics. Proceedings of the ACM on Programming Languages. 2022;6(ICFP):117. https://doi.org/10.1145/3547648
22. Allen F.E. Control flow analysis. ACM SIGPLAN Notices. 1970;5(7):1-19. https://doi.org/10.1145/390013.808479
23. Bauman E., Duan J., Hamlen K.W., Lin Z. Renewable Just-In-Time Control-Flow Integrity. In: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses (RAID '23). New York, NY, USA: Association for Computing Machinery; 2023. p. 580-594. https://doi.org/10.1145/3607199.3607239
24. Ritika Wason, Soni A.K., Qasim Rafiq M. Estimating Software Reliability by Monitoring Software Execution through OpCode. International Journal of Information Technology and Computer Science. 2015;7(9):23-30. https://doi.org/10.5815/ijitcs.2015.09.04
25. Hohmuth M., Peter M., Härtig H., Shapiro J.S. Reducing TCB size by using untrusted components: small kernels versus virtual-machine monitors. In: Proceedings of the 11th workshop on ACM SIGOPS European workshop (EW 11). New York, NY, USA: Association for Computing Machinery; 2004. p. 22-es. https://doi.org/10.1145/1133572.1133615
This work is licensed under a Creative Commons Attribution 4.0 International License.
Publication policy of the journal is based on traditional ethical principles of the Russian scientific periodicals and is built in terms of ethical norms of editors and publishers work stated in Code of Conduct and Best Practice Guidelines for Journal Editors and Code of Conduct for Journal Publishers, developed by the Committee on Publication Ethics (COPE). In the course of publishing editorial board of the journal is led by international rules for copyright protection, statutory regulations of the Russian Federation as well as international standards of publishing.
Authors publishing articles in this journal agree to the following: They retain copyright and grant the journal right of first publication of the work, which is automatically licensed under the Creative Commons Attribution License (CC BY license). Users can use, reuse and build upon the material published in this journal provided that such uses are fully attributed.
