Shaping vulnerability detection method based on dynamic and static analysis

A vulnerability detection, dynamic and static technology, applied in the direction of platform integrity maintenance, instrumentation, electrical digital data processing, etc., can solve the problems affecting the detection of plastic vulnerability, the lack of dynamic detection tools for plastic vulnerability, and the lack of consideration of control flow dependencies, etc.

Inactive Publication Date: 2020-03-24
上海安智信息科技有限公司
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But the shaping loopholes still haven't disappeared. There are three main reasons: (1) There are quite a few methods, such as BLIP, RICH, SafeInt, IntSafe, etc., which require program source code, but for most commercial software, the source code is not necessary for ordinary Users are generally not available
(2) Incomplete type information extraction
Shaping vulnerability detection tools for binary code (BRICK, IntScope, SmartFuzz) do not consider control flow dependencies when extracting type information, and part of the type information is lost, which affects the detection of shaping vuln

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Shaping vulnerability detection method based on dynamic and static analysis
  • Shaping vulnerability detection method based on dynamic and static analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] The method of the present invention proposes a binary tool consisting of static and dynamic analysis parts. First, the x86 binary program is converted into an intermediate language using LLVM. Then, by extending the type analysis system of LLVM, the complete type information is extracted, and the suspicious instruction set is constructed. Finally, combined with dynamic detection tools, the instructions related to vulnerabilities are determined in the suspicious instruction set.

[0049] like figure 2 Shown, in order to realize the above object, the present invention completes in three steps:

[0050] Step 1. Establish a plastic vulnerability model and describe the attributes related to the vulnerability;

[0051] Step 2, according to the vulnerability model, statically scan the code and analyze the suspicious instruction set;

[0052] Step 3, according to the vulnerability model, dynamically run the code to detect whether the instruction in the suspicious instructi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a shaping vulnerability detection method based on dynamic and static analysis. Static and dynamic program analysis technologies are combined. Points to be protected include thefollowing contents that in a static analysis stage, the tool decompiles the binary program and creates a suspicious instruction set; in a dynamic analysis stage, the tool dynamically scans instructions in the suspicious instruction set, and whether the instructions are vulnerabilities or not is judged in combination with input capable of triggering the vulnerabilities. At present, vulnerability mining is either static analysis or dynamic analysis. The vulnerability detection technology can well overcome the defects of existing vulnerability mining, accurate and sufficient type information is provided, and through static analysis based on the decompiler, the number of instructions needing to be detected during dynamic operation is reduced.

Description

technical field [0001] The invention relates to a detection method for shaping loopholes, in particular to a dynamic and static analysis-based detection method for plastic loopholes. Background technique [0002] In the past few years, several methods for detecting shaping vulnerabilities have been proposed. But the shaping loopholes still haven't disappeared. There are three main reasons: (1) There are quite a few methods, such as BLIP, RICH, SafeInt, IntSafe, etc., which require program source code, but for most commercial software, the source code is not necessary for ordinary Users are generally not available. (2) The extraction of type information is incomplete. Shaping vulnerability detection tools for binary code (BRICK, IntScope, SmartFuzz) do not consider control flow dependencies when extracting type information, and part of the type information is lost, which affects the detection of shaping vulnerabilities. (3) Detection limitations, some tools can only detect...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 陈平
Owner 上海安智信息科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap