Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Excavating device and excavating method of binary system program loopholes

A binary program and vulnerability mining technology, applied in computer security devices, instruments, electrical digital data processing, etc., can solve problems such as lack of guidance, high false negative rate and false positive rate, easy to miss program paths, etc., to avoid blindness effect

Inactive Publication Date: 2012-08-01
BEIJING UNIV OF POSTS & TELECOMM
View PDF6 Cites 52 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Complex conditional branches and deeply nested loops in binary programs lead to serious path explosion problems
[0007] (1) Dynamic binary program vulnerability mining technology based on symbolic execution and constraint solving faces high computational costs
[0008] (2) The dynamic binary program vulnerability mining technology based on symbolic execution and constraint solving has incompleteness when collecting the constraints of the binary program execution path, and the current constraint solver is difficult to solve complex nonlinear constraints get its exact solution
[0009] (3) The dynamic binary program vulnerability mining technology based on symbolic execution and constraint solving usually blindly truncates loops, so it is easy to miss some program paths that may contain vulnerabilities
[0010] (4) The test cases automatically generated by Fuzzing-based dynamic testing are blind, and a large number of generated test cases all point to the same path, lacking guidance, and the efficiency of triggering potential security vulnerabilities in binary programs is low
However, it theoretically has a high rate of false negatives and false negatives, making it difficult to accurately locate vulnerabilities
Moreover, most static analysis needs to be analyzed on the basis of source code, and the static symbolic execution technology for binary programs is also relatively complicated and expensive to calculate.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Excavating device and excavating method of binary system program loopholes
  • Excavating device and excavating method of binary system program loopholes
  • Excavating device and excavating method of binary system program loopholes

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0048] see figure 1 , first introduce the structural composition of the device for mining binary program vulnerabilities that integrates genetic algorithm and dynamic pollution tracking: the device is equipped with sequentially connected static analysis module, debugger module, genetic algorithm module, test input generation module and abnormal monitoring module , and a dynamic pollution tracking module located between the debugger module and the genetic algorithm module; where:

[0049] Static analysis module, which is developed and implemented based on the interactive disassembler professional version IDAPro (Interactive Disassembler Professional), is used to extract the control flow structure, basic block information and call address of dangerous functions in t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Provided are an excavating device and an excavating method of binary system program loopholes. The excavating device is provided with a static analysis module, a debugger module, a genetic algorithm module, a test input generation module and an abnormal monitoring module which are sequentially connected and a dynamic pollution tracking module located between the debugger module and the genetic algorithm module. The excavating device is guided to generate a test case by aid of a fitness function of the genetic algorithm, the multi-objective fitness function is designed, and the test case is evaluated in view of quantification. Dynamic pollution tracking is used for identifying key bytes in input files to narrow search space of the genetic algorithm. The excavating device combines advantages of the genetic algorithm and the dynamic pollution tracking and is guided to generate the test case, so that the generated test case is strong in pertinence, generated test data are high in accuracy and efficiency, further qualitative analysis and quantitative calculation are combined, and therefore path explosion in binary system program testing based on the symbolic execution and constraint solving technology is avoided.

Description

technical field [0001] The present invention relates to a software security technology, specifically, to a binary program loophole mining device and method that integrates genetic algorithm and dynamic pollution tracking, and belongs to the technical field of binary program security loophole detection. Background technique [0002] At present, in the field of software security research, security analysis of binary programs is often performed. An important issue in the process of security analysis is how to quickly generate targeted test cases for triggering possible security vulnerabilities in binary programs. Now, the method commonly used in the engineering industry is fuzz testing Fuzz Testing (also known as: random number black box brute force testing method). Fuzz Testing can automatically generate test data with accurate test results and a wide range of applications; however, the path coverage of generated test input files is low, and most of the generated test cases po...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/22G06F21/57
Inventor 崔宝江梁晓兵
Owner BEIJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com