Unlock instant, AI-driven research and patent intelligence for your innovation.

Vulnerability mining method and device based on binary program

A binary program and vulnerability mining technology, applied in computer security devices, program/content distribution protection, instruments, etc., can solve problems such as the impact of vulnerability mining effects, achieve the effect of reducing repeated parts and improving efficiency

Active Publication Date: 2018-03-20
ALIBABA GRP HLDG LTD
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] However, this implementation method still has at least the following problems: there are considerable repeated operations in the process of each symbol execution (for example, a file needs to be reopened every time, etc.), and the effect of vulnerability mining is affected

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability mining method and device based on binary program
  • Vulnerability mining method and device based on binary program

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in this application belong to the protection scope of this application.

[0031] In order to facilitate the understanding of the embodiments of the present application, several concepts are briefly introduced below.

[0032] Dynamic vulnerability mining based on path traversal actually uses the idea of ​​tainted data propagation analysis, mainly to monitor the so-called "untrusted data", that is, the propagation trajectory of tainted data. Taint data usually comes from user input, including command line parameters, graphical interface interaction data, file data, network communication data,...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a vulnerability discovery method and device based on a binary-system program. The vulnerability discovery method comprises the steps of determining a target point to be mirrored in the target program execution process; pausing target program execution and mirroring a process state of the target point at the corresponding moment; recovering the target program execution and obtaining new stain data through symbolic execution after completing mirroring establishment; utilizing information saved in the mirroring process to recover a process space and then utilizing original stain data to be replaced by the obtained new stain data to be input into a target program so as to continue to perform iteration execution from the target point after obtaining the new stain data. By means of the vulnerability discovery method and device based on the binary-system program, repeated portions in an execution track can be reduced, and the vulnerability discovery efficiency can be improved.

Description

technical field [0001] The present application relates to the technical field of application program vulnerability mining, in particular to a binary program-based vulnerability mining method and device. Background technique [0002] With the wide application of computers in various fields of national economy and national defense construction, the security of computer software as the only carrier of information systems has become particularly important. Software security vulnerabilities have become one of the main sources of information security risks. Due to the harmfulness, diversity and pervasiveness of software security loopholes, loopholes are actively concerned by all parties in various gaming behaviors in the current cyberspace. How to effectively discover vulnerabilities, eliminate or reduce the negative impact of vulnerabilities on social life and national information security, that is, vulnerability mining and protection has become a research focus in the field of ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/12
CPCG06F21/12G06F21/577G06F2221/033
Inventor 樊兴华
Owner ALIBABA GRP HLDG LTD