Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method

Abstract

The invention relates to a mode-based dynamic vulnerability discovery integrated system and a mode-based dynamic vulnerability discovery integrated method. The mode-based dynamic vulnerability discovery integrated system comprises a dynamic taint analysis module, a test case selection module, a restraint solving module and a management module. The mode-based dynamic vulnerability discovery integrated method comprises the following steps: firstly, transmitting a seed case to an application program, tracking the transmission of taint data in the program by use of the dynamic taint analysis module, then expressing a transmission track by use of symbols, thereby obtaining a symbolized taint transmission path by virtue of combination of a dynamic taint analysis technology and a symbol execution technology; then by taking the symbolized taint transmission path as input of the restraint solving module, performing restraint solving to obtain a new test case, re-transmitting the test case to the application program, and further performing subsequent operations, wherein the whole process is performed under unified dispatching management of the management module. According to the mode-based dynamic vulnerability discovery integrated system and the mode-based dynamic vulnerability discovery integrated method, the automation degree and efficiency of dynamic vulnerability discovery for a binary program are improved, the generated test data accuracy and the efficiency are high, and thus a fuzzy test process is high in pertinency.

Description

technical field [0001] The invention relates to a dynamic vulnerability data mining integration system and method for binary programs, belonging to the fields of software engineering and information security. Background technique [0002] With the rapid development of information technology and the continuous progress of society, information is becoming more and more important to the development of modern society, and the resulting information security issues have also attracted more attention. As an important part of information security, network security is related to national security and social stability, and its importance has become increasingly prominent with the acceleration of global informatization. [0003] For a long time, software security vulnerabilities have been the main root cause of various network security. According to the investigation and analysis of the National Computer Virus Emergency Response Center, "unpatched network (system) security holes" are ...

AI Technical Summary

Problems solved by technology

At present, most of the software does not provide the source code, so it is difficult to carry out effective static analysis, especially in the case of using imported software and other commercial software, and cannot fully control all aspects of software development, it is necessary to conduct in-depth analysis and analysis of the security of software implementation. Strict evaluation is an important means to ensure the security of information systems, gray box testing is particularly important

[0006] In the process of dynamic vulnerability mining for binary programs, the most commonly used methods are white-box testing and black-box testing. The defects detected by white-box testing may not be triggered during operation, while black-box testing has great blindness.

At the same time, a single method is often used in the testing process, which is inefficient and poorly targeted, and different vulnerabilities have different patterns, so it cannot be generalized for all types of vulnerabilities

Images