DCR-based dynamic vulnerability detection method and system

A vulnerability mining and dynamic technology, applied in the direction of instrumentation, electronic digital data processing, platform integrity maintenance, etc., can solve the problems of high algorithm complexity, time-consuming, large amount of calculation, etc., achieve parallelization and automation, increase effective Sexuality and efficiency-enhancing effects

Inactive Publication Date: 2017-02-22
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] With the rapid development of information security and vulnerability mining technology, the current vulnerability mining algorithm has a large amount of calculation and high algorithm complexity. The vulnerability mining test with a certain binary application as the test target often takes several months to run, which is very time-consuming.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DCR-based dynamic vulnerability detection method and system
  • DCR-based dynamic vulnerability detection method and system
  • DCR-based dynamic vulnerability detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The specific implementation manners of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0043] Combining dynamic vulnerability mining technology with DCR parallel computing technology, it is first necessary to analyze the characteristics of dynamic vulnerability mining, and then extract functional modules that can be parallelized, that is, design a vulnerability mining calculation model, and extract a test execution process. The dynamic vulnerability mining system is implemented by combining three methods: dynamic taint analysis, symbolic execution and fuzz testing. By using dynamic taint analysis, the execution path of the input data in the program under test is obtained, and then the path is symbolized and the execution path is extracted using symbolic execution technology. Constraints in , solve and calculate the set of constraints and generate new test cases. The newly generated test cases are re-passed as input ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a DCR-based dynamic vulnerability detection method and a system. The method comprises the following steps: 1) reconstructing a vulnerability detection system on the basis of a DCR parallel computed structure feature; 2) generating a test task according to a seed test case input to an initial task and putting into a task queue of a dispatching node; 3) distributing the task in the task queue to an idle calculation node by the dispatching node; 4) executing the corresponding test task by the calculation node, after ending the execution, taking the newly generated test cases and the test case resulted in target program crash as calculation results and sending to the dispatching node; 5) stipulating all the received calculation results by the dispatching node, organizing all the newly generated test cases into test tasks and transferring to the task queue, and storing the test case resulted in target program crash; 6) repeating the steps 3)-5) till the task queue is empty, and then confirming the vulnerability of the target program according to the stored test case resulted in target program crash.

Description

technical field [0001] The invention relates to a DCR-based dynamic loophole mining system and method, belonging to the fields of software engineering and information security. Background technique [0002] With the development of network technology, computer technology has been popularized rapidly, but it has also produced many security problems. Among them, vulnerability is the most important factor threatening network security. Due to the existence of loopholes, hackers or criminals can steal user information, elevate system privileges, and seriously threaten the security of users and even the country. Especially some 0day vulnerabilities, because they have not been repaired in time, threaten the security of the network even more. [0003] In response to repeated security issues, the country has gradually put security issues on the agenda and paid enough attention to them. The “National Vulnerability Database” provided by the China Information Security Evaluation Cente...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 王雪飞马恒太李小凤杨克
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap