Automated diagnosis and prevention of unsafe dynamic software component loadings

For an improved system modularity and flexibility through code reuse, efficient memory usage, and reduced disk space dynamic loading of software components is widely used mechanism in operating system. However, Programming mistakes may create malicious components being loaded with regular dynamic loadings. In particular, dynamic loadings can be made as malicious components by placing an arbitrary file with the same or specified name in target components. Although this issue has not been considered serious because such vulnerabilities are dangerous than virus and exploiting it requires access to local file system. This kind of malicious will act as original dynamic loadings with the same name and makes remote exploitation realistic. To avoid remote attacks and intruders, in this paper we present the automated technique to detect unsafe dynamic component loadings and malicious. By applying dynamic binary instrumentation to collect runtime information on component loading, and analyze the collected information to detect vulnerable component loadings can prevent unsafe dynamic components.