Bootable symbolic execution vulnerability detection method based on path combination

A technology of vulnerability detection and guidance symbols, applied in error detection/correction, software testing/debugging, instruments, etc., it can solve problems such as explosion, impact of vulnerability detection efficiency and accuracy, excessive consumption of time and resources, etc., to achieve efficient vulnerability detection , the effect of reducing the number of explorations and improving the accuracy

Active Publication Date: 2017-04-26
NANJING UNIV
View PDF3 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, symbolic execution faces the problem of "path explosion" in which the path increases exponentially with the increase of program size, which makes symbolic execution consume too much time and resources on redundant paths and paths that are not related to vulnerabilities, and even the Efficiency and accuracy suffer greatly

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Bootable symbolic execution vulnerability detection method based on path combination
  • Bootable symbolic execution vulnerability detection method based on path combination
  • Bootable symbolic execution vulnerability detection method based on path combination

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0031] Unless the context clearly states otherwise, the number of elements and components in the present invention can exist in a single form or in multiple forms, and the present invention is not limited thereto. Although the steps in the present invention are arranged with labels, they are not used to limit the order of the steps. Unless the order of the steps is clearly stated or the execution of a certain step requires other steps as a basis, the relative order of the steps can be adjusted. It can be understood that the term "and / or" used herein refers to and covers any and all possible combina...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a bootable symbolic execution vulnerability detection method based on path combination. The bootable symbolic execution vulnerability detection method based on path combination comprises the following steps: a, scanning and analyzing a target program to acquire a program control stream related to vulnerability, and marking a path combination range; b, in a symbolic execution process, carrying out abstract collection on the marked range according to information of the acquired program control stream; and c, in the symbolic execution process, directly reusing an abstract when meeting an abstracted program segment to eliminate redundancy exploration, and cutting off program paths unrelated to the vulnerability. The bootable symbolic execution vulnerability detection method has the beneficial effects that the bootable symbolic execution vulnerability detection method based on path combination can eliminate exploration of redundant paths, so that the symbolic execution efficiency and the vulnerability detection precision are improved, and more precise and efficient vulnerability detection is realized.

Description

technical field [0001] The invention belongs to the fields of software engineering and information security, and in particular relates to a method for detecting loopholes in bootable symbolic execution based on path merging. Background technique [0002] Vulnerabilities are flaws in computer software caused by program errors, which can be exploited by attackers to cause potential harm to computers or networks. With the development of the modern software industry, the scale of software continues to expand, and the position of the testing phase in the software life cycle has been paid more and more attention. However, the security testing for vulnerabilities is facing more and more bottlenecks. Therefore, finding potential vulnerabilities in programs efficiently is one of the main concerns of people in vulnerability detection. As a common method of vulnerability detection, symbolic execution has gradually become a research hotspot in the field of security testing. It is an e...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06F11/36
CPCG06F11/3688G06F21/577
Inventor 曾庆凯聂凌
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap