Application vulnerability detection method and device

An application program and vulnerability detection technology, applied in computer security devices, instruments, computing, etc., can solve problems such as low efficiency of vulnerability detection schemes and incomplete detection results, and achieve the effect of solving incomplete and comprehensive detection results

Active Publication Date: 2017-01-04
ALIBABA GRP HLDG LTD
View PDF4 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Embodiments of the present invention provide a method and device for detecting loopholes in application programs, so as to at least solve technical problems such as low efficiency and incomplete detection results in the loophole detection scheme.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application vulnerability detection method and device
  • Application vulnerability detection method and device
  • Application vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0024] According to an embodiment of the present invention, a method embodiment of a vulnerability detection method for an application program is also provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be implemented in a computer system such as a set of computer-executable instructions and, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0025] The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Take running on a computer terminal as an example, figure 2 It is a block diagram of the hardware structure of a computer terminal used to implement the application program vulnerability detection method according to the embodiment of the present invention. Such as figure 2 As shown, the computer t...

Embodiment 2

[0075] This embodiment is described by taking the detection of DOS vulnerabilities of applications based on the Android operating system as an example. However, it should be noted that the solution in this embodiment is not limited to application detection of the Android operating system, nor is it limited to DOS vulnerabilities. The main design idea of ​​this embodiment is to filter out specific APIs through official documents (that is, open source documents), and use this as the basis for detecting DOS vulnerabilities, that is, for open source operating systems, according to the behavior of the system API described in open source documents To find specific APIs of interest, based on these APIs combined with some other methods to achieve specific functions (such as DOS vulnerability detection in this embodiment). It mainly includes the following processes: 1. Generate CFG (Controll Flow Graph) based on static code; 2. Prune through static analysis to filter out API branches th...

Embodiment 3

[0087] According to an embodiment of the present invention, there is also provided a vulnerability detection device for an application program implementing the above method, which can run in the mobile terminal, computer terminal or similar computing device described in Embodiment 1, but does not It is limited to the function or structure of the above-mentioned computing device in Embodiment 1. Such as Figure 7 As shown, the device includes:

[0088] The conversion module 70 is configured to convert the installation file of the application program to be detected into a code file. The functions realized by this module can be realized through solutions in related technologies. For example, for the installation package file of an Android application, the installation package (Android Package, APK for short) file of the application can be converted into smali code by APKTool , but not limited to this implementation.

[0089] The obtaining module 72 is connected to the conversi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an application vulnerability detection method and device, wherein the method comprises: converting an installation file of an application to be detected into a code file; acquiring description information of a specific function, wherein the specific function is a function for reflecting a specific behavior; determining in the cold file, first functions matching with the specific description information according to the description information, and detecting vulnerabilities of the application according to the first functions. Through the above technical scheme, the technical problem that a vulnerability detection scheme is low in efficiency with incomplete detection results is solved.

Description

technical field [0001] The present invention relates to the field of loophole detection, in particular to a method and device for loophole detection of application programs. Background technique [0002] With the rapid development of smart mobile terminals, applications based on mobile operating systems emerge in endlessly. However, due to the large number of developers, there are inevitably security holes in the applications. For example, among the vulnerabilities in Android applications, there is a kind of vulnerability that has a wide impact and is the Java Null Pointer (Null Pointer) denial of service (Denial Of Service, abbreviated as DOS) vulnerability (hereinafter referred to as DOS vulnerability). This type of vulnerability is mostly caused by the program crash caused by improper handling of parameters when the program calls some system APIs, resulting in the inability to use normal functions and resulting in DOS. [0003] At present, the main way to detect such vul...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 孙伟超
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap