Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for binary code vulnerability discovery on basis of simple symbolic execution

A binary code and symbolic execution technology, applied in the field of binary code vulnerability mining, can solve problems such as inaccessible source code, danger, and inability to know that the program path has been executed, etc.

Inactive Publication Date: 2012-12-26
BEIHANG UNIV
View PDF3 Cites 18 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method is blind, neither can know which program paths have been executed, nor can it construct the input in a oriented manner, so that the program can be executed to paths that have not been traversed
Most of the time in the test process is repeated execution of the same path, making the test time cost too high
Source-level testing can help programmers find many bugs caused by code style or wrong syntax and semantics, but there are several disadvantages: 1) It is impossible to find bugs when the program is running; 2) In many cases, the source code is not accessible 3) Each type of programming language needs to be considered separately
However, these tools have a common disadvantage. Due to the need to instrument the source code or binary code, the operation efficiency is low due to the large number of instrumented codes. For malware, the actual operation will bring other dangers.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for binary code vulnerability discovery on basis of simple symbolic execution
  • Method for binary code vulnerability discovery on basis of simple symbolic execution
  • Method for binary code vulnerability discovery on basis of simple symbolic execution

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0061] The method of the present invention will be further described in detail below in conjunction with the accompanying drawings and the implementation of the present invention.

[0062] The basic idea of ​​the present invention is: convert the binary code into an intermediate language, and then combine the control flow information, input point information, and function modeling information to perform symbolic execution on the intermediate language. After the symbolic execution process is completed, the obtained and input A collection of intermediate language statements of related instructions, according to certain security attribute rules, judge whether there are loopholes in these statements.

[0063] figure 1 It is a schematic flow diagram of the binary code vulnerability mining method based on simple symbol execution, as shown in figure 1 As shown, the method includes the following steps:

[0064] Step A: Hand the binary code to the disassembly engine, decode it into a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for binary code vulnerability discovery on the basis of simple symbolic execution. The method comprises five steps that: firstly, binary codes are translated into an intermediate language with a static single assignment through a binary code translation component; and then, a disassembling engine is used to disassemble the binary codes, the control flow information of the binary codes is extracted, static symbolic execution is carried out in the intermediate language on the basis of the control flow information, an entrance point needs to be determined during the symbolic execution process, an input vector is converted into a symbol, and a called function is modeled. After the symbolic execution process is completed, the statement assembly of the intermediate language which depends on the input vector can be obtained, the statements of an assembly are simplified, and a vulnerability discovery confirmation report is generated after security attribute rules are used to confirm.

Description

technical field [0001] The invention relates to a binary code loophole mining method based on simple symbol execution, which can detect loopholes caused by improper input. It is applicable to multiple platforms, and only statically interprets the binary code without actual execution, so it is more efficient. Using one of the security attribute rules successfully verified all the vulnerabilities in the ioctrol routines reported in antivirus software drivers such as Rising, Super Patrol, and Norton in recent years. It is suitable for software testing, vulnerability mining and other fields. Background technique [0002] Traditional software vulnerability mining methods generally use black-box Fuzz testing to construct a set of random inputs and pass them to the program until the program crashes. This method is blind, neither can know which program paths have been executed, nor can it construct the input in a oriented manner, so that the program can be executed to the paths th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36
Inventor 马金鑫李舟军忽朝俭
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com