Vulnerability testing method in attack and system thereof

A vulnerability detection and current state technology, applied in the field of network security, can solve the problems of executable program uncertainty, reducing the accuracy of analysis results, increasing the difficulty of analysis, etc., to avoid failure to analyze, reduce memory usage, and improve maneuverability. Effect

Active Publication Date: 2009-08-26
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF0 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the uncertainty of the executable program itself greatly reduces the accuracy of the analysis results, such as indirect jumps, pointer aliases, etc., which are currently difficult to solve in

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability testing method in attack and system thereof
  • Vulnerability testing method in attack and system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] Such as figure 1 As shown in , it is the flowchart of vulnerability detection during attack in the most simplified mode. The specific implementation is as follows:

[0019] 1) Virtual machine loading: the analyzed program is loaded into the virtual environment module by the virtual loader and executed at the same time. The operating system installed in the virtual environment module as the operating platform of the analyzed program is called the guest operating system. The operating system chooses Windows or Linux according to the different programs to be analyzed. The specific code is as follows: run(target program);

[0020] 2) Process positioning: A program is a static description of the code, and a process is a dynamic description of the code, that is, the running program. Since the Windows operating system is installed in the guest operating system, it is a multi-tasking operating system, that is, multiple different programs may be executed on the virtual CPU w...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a vulnerability testing method in attack and a system thereof, belonging to the field of network security. The method comprises: after programs which are analyzed is loaded into a virtual machine, whether the current running process of the virtual machine belongs to the analyzed program is recognized; if yes, whether the current code is in circulation is judged, the current status information is recorded when in circulation; if not, whether the current program is in attack is judged; if being in attack, the state s before variable which is depended by the last time program pointer can be looked for from the current recorded status information; the status information saved in the s is restored, and the program starts to run again from the state s; the concrete command which modifies the variable depended by the program pointer is found out, and the position of the command is returned; the system of the invention comprises a virtual environment module, a state selection module, a system monitoring module, a vulnerability-analysis module and a status record module. The invention has good maneuverability and high detection efficiency, and solves the problem that business software lacks a source code and can not be analyzed.

Description

technical field [0001] The present invention mainly relates to a method and system for detecting a loophole, in particular to a method and system for detecting a loophole during an attack, and belongs to the field of network security. Background technique [0002] Unknown vulnerabilities are the first-hand information that hackers and software developers hope to be the first to know. For hackers, if they obtain a certain number of unknown vulnerabilities, they can enter computers with corresponding vulnerabilities at will, carry out privilege escalation, and even further cause greater damage. With the continuous development of the network and the continuous increase of the number and types of various software, the harm caused by unknown vulnerabilities is more obvious. Most harmful worms are almost always the product of unknown vulnerabilities. For example, the well-known Shockwave utilizes Microsoft's MS03-026 vulnerability, Sasser utilizes Microsoft's MS04-011 vulnerabil...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/22H04L29/06G06F21/56
Inventor 陈恺苏璞睿司端锋
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap