Automatic detection method of buffer overflow vulnerabilities based on symbolic execution path pruning

Buffer overflow and symbolic execution technology, applied to the automatic detection of buffer overflow vulnerabilities, addresses the time and effort consumed by manual inspection and achieves the effects of suppressing state explosion and saving time and energy.

Active Publication Date: 2017-11-24
NANJING UNIV

AI Technical Summary

Problems solved by technology

When actually using these tools, security auditors must manually check the buffer overflow alarms mentioned above and write test cases that cover the paths produced by static analysis, in order to determine whether a buffer overflow is possible on each path. This consumes a lot of time and effort.


Examples


Embodiment Construction

[0045] The implementation can use existing buffer overflow static analysis tools, control flow graph generation tools and symbolic execution tools. The following sections describe the implementation process in more detail.

[0046] 1. Obtain a complete static analysis path that can be used to guide symbolic execution

[0047] In specific implementation, the static buffer overflow vulnerability path obtained through feature matching needs to be mapped to the control flow graph for further static analysis before it can be used in subsequent steps.

[0048] 1. Construct a control flow graph for the program or system under test. A control flow graph is a directed graph: each node represents a basic block, and each statement in the program corresponds to a node in the graph. Within a basic block, control flow does not jump or halt until it leaves the block.

[0049] 2. Reverse the control flow graph, that is, the nodes in ...
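The page's text breaks off before it says how the reversed control flow graph is used. The added example below (not code from the patent) assumes one common use: a backward reachability pass from the flagged detection point, whose result prunes branches that can never reach it during path exploration. The graph, block names and the `max_visits` loop bound are constructed for illustration.

```python
from collections import deque

# Constructed control flow graph: basic block -> successor blocks.
# "sink" stands for the detection point flagged by static analysis.
CFG = {
    "entry": ["check_len", "log_only"],
    "check_len": ["copy_loop", "reject"],
    "copy_loop": ["copy_body", "sink"],
    "copy_body": ["copy_loop"],
    "log_only": ["format_msg"], "format_msg": ["exit"],
    "reject": ["exit"], "sink": ["exit"], "exit": [],
}

def reverse_cfg(cfg):
    """Return the graph with every edge direction flipped."""
    rev = {node: [] for node in cfg}
    for src, succs in cfg.items():
        for dst in succs:
            rev[dst].append(src)
    return rev

def can_reach(cfg, target):
    """Blocks from which `target` is reachable: BFS over the reversed graph."""
    rev = reverse_cfg(cfg)
    seen, queue = {target}, deque([target])
    while queue:
        node = queue.popleft()
        for pred in rev[node]:
            if pred not in seen:
                seen.add(pred)
                queue.append(pred)
    return seen

def explore(cfg, entry, target, keep=None, max_visits=2):
    """Enumerate paths the way a symbolic executor forks states at branches.
    Successors outside `keep` are pruned; returns (paths_to_target, states)."""
    hits, states, stack = [], 0, [[entry]]
    while stack:
        path = stack.pop()
        states += 1
        node = path[-1]
        if node == target:
            hits.append(path)
            continue
        for succ in cfg[node]:
            # max_visits bounds loop unrolling per block (assumed policy).
            if (keep is None or succ in keep) and path.count(succ) < max_visits:
                stack.append(path + [succ])
    return hits, states
```

Pruning leaves the set of paths that reach the detection point unchanged while cutting the number of explored states, which is the state-explosion effect the abstract refers to.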


Abstract

The invention relates to an automatic detection method for buffer overflow vulnerabilities based on symbolic execution path pruning. First, a vulnerability feature matching method is used to obtain a large number of suspected vulnerability paths, which contain false positives. Second, symbolic execution based on state space reduction and path pruning is used to verify the suspected-vulnerability static analysis paths, and an overflow model is built and constraints are solved at the detection point to judge whether the vulnerability can be triggered by a test case. The invention combines dynamic and static methods to automatically detect buffer overflow vulnerabilities. It can be used in vulnerability detection and security auditing to automatically verify the results of static buffer overflow analysis in place of manual verification, and it can quickly perform automatic detection and generate test cases that trigger the overflow, effectively saving time and labor costs.

Description

Technical field

[0001] The invention relates to an automatic buffer overflow vulnerability detection method based on symbolic execution path pruning. The method can be used in vulnerability detection and security auditing to automatically verify the results of static buffer overflow analysis in place of manual verification, and belongs to the field of software testing technology.

Background technique

[0002] Software security means that software continues to function correctly and is used legally within its authorized scope even when it is subjected to malicious attack. However, because of negligence by software developers or the limitations of programming languages, latent vulnerabilities often exist in software. These vulnerabilities can greatly weaken software security, and once exploited by an attacker they can cause very serious consequences. Buffer overflow vulnerabilities ...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): G06F21/57
Inventor: 王林章, 鲍铁匀, 李宣东
Owner: NANJING UNIV