Bug detection method and system based on program characteristic tree

A program feature and vulnerability detection technology, applied in error detection/correction, software testing/debugging, instruments, etc., can solve the problems of low efficiency and low detection accuracy of semantic vulnerability detection, and achieve rapid addition, deletion and modification, and low coupling , high-accuracy effect

Active Publication Date: 2017-08-11
HUAZHONG UNIV OF SCI & TECH
View PDF4 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Effectively solve the technical problems of low accuracy of vulnerability detection based

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Bug detection method and system based on program characteristic tree
  • Bug detection method and system based on program characteristic tree
  • Bug detection method and system based on program characteristic tree

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0044] The overall idea of ​​the present invention is that the developer uses the vulnerability function code to find whether there is a similarity vulnerability in the function code to be tested, so as to solve the problem of vulnerability diffusion caused by code cloning. Generate a program dependency graph by analyzing the source code semantics, and then use the identifier mapping method to m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a bug detection method and a bug detection system based on a program characteristic tree. The implementation method comprises the steps of analyzing a bug function code to generate a bug program dependence graph, traversing the bug program dependence graph to generate a bug program characteristic tree; analyzing a to-be-detected function code to generate a to-be-detected program dependence graph, traversing the to-be-detected program dependence graph to generate a to-be-detected program characteristic tree; carrying out node matching on the bug program characteristic tree and the to-be-detected program characteristic tree; if all nodes in the bug program characteristic tree can be matched with the nodes in the to-be-detected program characteristic tree, judging whether a data dependence relation of the to-be-detected program characteristic tree which is the same as that of the bug program characteristic tree exists between the matched nodes in the bug program characteristic tree and the to-be-detected program characteristic tree; and if so, judging that a bug exists in the to-be-detected function code. According to the method and the system, the execution efficiency of bug detection can be remarkably improved while guaranteeing the detection accuracy.

Description

technical field [0001] The invention belongs to the technical field of similarity loophole detection in loophole detection research, and more specifically relates to a loophole detection method and system based on a program feature tree. Background technique [0002] When developing software, existing code is often reused. This method of introducing the same or similar code segments from existing code is called "code cloning". Code cloning is widely used in large-scale software development. A large number of code cloning will not only increase the difficulty of maintaining the entire project, but also lead to the spread of vulnerabilities when the cloned code segment has loopholes. [0003] The problem of code cloning is often ignored when vulnerability patches are released, which leads to the proliferation of released vulnerabilities due to code cloning and cannot be patched. Attackers can exploit the vulnerabilities caused by code cloning according to the released patches...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06F11/36
CPCG06F11/3676G06F21/577
Inventor 金海邹德清齐汉超李珍
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap