Unlock instant, AI-driven research and patent intelligence for your innovation.

A third-party component vulnerability detection method based on binary code features

A binary code and vulnerability detection technology, which is applied in the field of third-party component vulnerability detection, can solve problems such as rare involvement, and achieve the effect of improving detection efficiency

Active Publication Date: 2021-04-02
苏州棱镜七彩信息科技有限公司
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] For open source code source detection, most of the current research is based on source code static detection methods, which are usually used for code clone detection. At present, they can be mainly classified into four types of detection methods: text-based, lexical-based, grammar-based and semantic-based. However, how to efficiently detect open source components from binary files under massive data is rarely covered in public technical materials, so research in this area is very valuable

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A third-party component vulnerability detection method based on binary code features
  • A third-party component vulnerability detection method based on binary code features
  • A third-party component vulnerability detection method based on binary code features

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. The following examples are used to illustrate the present invention, but are not intended to limit the scope of the present invention.

[0026] Such as figure 1 , figure 2 The third-party component vulnerability detection method based on binary code characteristics is different in that it includes the following steps:

[0027] First, extract the multi-dimensional features of the third-party components, and construct the feature library of the third-party components. Specifically, the binary code features in the third-party components are extracted, and the invariants in the process from source code and compilation to binary code are selected and stored in the feature library. The invariants include constant strings, digital constants, and digitized function signatures. One or more of the vectors. Durin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a third-party component vulnerability detection method based on binary code features. The method comprises the following steps that firstly, multi-dimensional features of a third-party component are extracted, and a feature library of the third-party component is constructed; secondly, the binary code features of a to-be-detected file are extracted, and the corresponding third-party component is searched and matched; thirdly, the version number of the component is determined according to features of finer dimensions. Therefore, inverted index and grading ranking modesused in a search engine are applied to the feature matching process, the detection efficiency of mass third-party components is improved, and the third-party component used in a binary code can be rapidly detected.

Description

technical field [0001] The invention relates to a third-party component vulnerability detection method, in particular to a third-party component vulnerability detection method based on binary code features. Background technique [0002] At present, most software applications, whether they are mobile applications or desktop applications, more or less use open source codes for the development of interfaces or functions in order to reduce development costs and improve development efficiency. There are various ways to introduce open source code into a software project. Directly introducing open source code into a project as part of the software function is the most common case. In addition, software developers sometimes use some commercial components. [0003] Most open source components are packaged and provide users with corresponding interfaces, attributes, and methods. Users can use the components but cannot see the source code. Developers who use open source components foc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06F21/56G06F16/901G06F16/903
CPCG06F21/563G06F21/577G06F2221/033G06F16/901G06F16/90344
Inventor 但吉兵陈都陈虹兵
Owner 苏州棱镜七彩信息科技有限公司