Integer vulnerability detection method based on dynamic and static analysis

An integer vulnerability detection technique combining dynamic and static analysis, applied in the fields of platform integrity maintenance, instrumentation, electrical digital data processing, etc. It can solve problems that affect the detection of integer vulnerabilities, including the lack of dynamic detection tools for integer vulnerabilities and the failure to consider control flow dependencies.

Inactive Publication Date: 2020-03-24
上海安智信息科技有限公司

AI Technical Summary

Problems solved by technology

But integer vulnerabilities still have not disappeared. There are three main reasons:
(1) Quite a few methods, such as BLIP, RICH, SafeInt and IntSafe, require program source code, but for most commercial software the source code is generally not available to ordinary users.
(2) Incomplete type information extraction. Integer vulnerability detection tools for binary code (BRICK, IntScope, SmartFuzz) do not consider control flow dependencies when extracting type information, so part of the type information is lost, which affects the detection of integer vulnerabilities.
(3) Detection limitations. Some tools, such as IntScope and UQBTng, can only detect integer overflow.
In addition, some tools lack a dynamic detection tool aimed specifically at integer vulnerabilities, which may result in false negatives. SmartFuzz generates test cases that may trigger integer vulnerabilities, and reports the test cases that cause memory errors through the detection tool Memcheck.
However, an integer vulnerability that leads to a non-control-flow attack cannot be detected by Memcheck, so the test cases for such a vulnerability are not reported and SmartFuzz produces false negatives.

Embodiment Construction

[0048] The method of the present invention proposes a tool for binary programs consisting of a static analysis part and a dynamic analysis part. First, the x86 binary program is converted into an intermediate language using LLVM. Then, by extending the type analysis system of LLVM, the complete type information is extracted and the suspicious instruction set is constructed. Finally, in combination with dynamic detection tools, the instructions in the suspicious instruction set that are related to vulnerabilities are determined.

[0049] As shown in Figure 2, in order to achieve the above object, the present invention proceeds in three steps:

[0050] Step 1. Establish an integer vulnerability model and describe the attributes related to the vulnerability;

[0051] Step 2, according to the vulnerability model, statically scan the code and analyze the suspicious instruction set;

[0052] Step 3, according to the vulnerability model, dynamically run the code to detect whether the instruction in the suspicious instructi...
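The static-then-dynamic split described in steps 2 and 3, as an added example that is not the patent's tool or code: a toy three-address IR stands in for the LLVM intermediate language, a 32-bit wrap check stands in for the vulnerability model, and the program, the sink names (`alloc`, `copy`) and all function names are constructed for illustration. It handles straight-line code only, so it does not model the control flow dependencies the patent discusses.

```python
# Toy three-address IR (constructed for illustration): (dest, op, a, b).
# Operands are variable names or integer constants; registers are 32-bit.
MASK = 0xFFFFFFFF
ARITH = {"add": lambda a, b: a + b, "sub": lambda a, b: a - b,
         "mul": lambda a, b: a * b}
SINKS = {"alloc", "copy"}  # assumed security-sensitive uses of a size value

PROGRAM = [
    ("hdr",   "add",   "tag", 1),         # 0: arithmetic that never reaches a sink
    ("size",  "mul",   "count", "elem"),  # 1: element count * element size
    ("total", "add",   "size", 16),       # 2: plus header bytes
    ("buf",   "alloc", "total", None),    # 3: sink: allocation size
    ("_",     "copy",  "buf", "size"),    # 4: sink: copy length
]

def static_suspicious(program):
    """Static stage: indices of arithmetic whose result flows into a sink."""
    tainted, suspicious = set(), set()
    for idx in range(len(program) - 1, -1, -1):   # backward data-flow slice
        dest, op, a, b = program[idx]
        if op in SINKS:
            tainted.update(x for x in (a, b) if isinstance(x, str))
        elif op in ARITH and dest in tainted:
            suspicious.add(idx)
            tainted.update(x for x in (a, b) if isinstance(x, str))
    return suspicious

def dynamic_confirm(program, suspicious, inputs):
    """Dynamic stage: run on concrete input, checking only suspicious indices."""
    env, confirmed = dict(inputs), []
    val = lambda x: env.get(x, 0) if isinstance(x, str) else x
    for idx, (dest, op, a, b) in enumerate(program):
        if op in ARITH:
            exact = ARITH[op](val(a), val(b))
            env[dest] = exact & MASK              # what a 32-bit register keeps
            if idx in suspicious and exact != env[dest]:
                confirmed.append(idx)             # result wrapped at run time
        else:
            env[dest] = 0                         # sinks modelled as no-ops
    return confirmed

if __name__ == "__main__":
    candidates = static_suspicious(PROGRAM)
    print(sorted(candidates))
    print(dynamic_confirm(PROGRAM, candidates, {"count": 0x40000001, "elem": 4}))
```

Instruction 0 is never instrumented because its result reaches no sink, which is the reduction in dynamically checked instructions that the static stage is meant to provide.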


Abstract

The invention provides an integer vulnerability detection method based on dynamic and static analysis, combining static and dynamic program analysis technologies. The points to be protected are as follows: in the static analysis stage, the tool decompiles the binary program and creates a suspicious instruction set; in the dynamic analysis stage, the tool dynamically scans the instructions in the suspicious instruction set and, in combination with input capable of triggering the vulnerabilities, judges whether each instruction is a vulnerability. At present, vulnerability mining uses either static analysis or dynamic analysis. This vulnerability detection technology can overcome the defects of existing vulnerability mining: it provides accurate and sufficient type information, and the static analysis based on the decompiler reduces the number of instructions that need to be checked during dynamic execution.

Description

Technical field

[0001] The invention relates to a detection method for integer vulnerabilities, in particular to an integer vulnerability detection method based on dynamic and static analysis.

Background technique

[0002] In the past few years, several methods for detecting integer vulnerabilities have been proposed. But integer vulnerabilities still have not disappeared. There are three main reasons: (1) Quite a few methods, such as BLIP, RICH, SafeInt and IntSafe, require program source code, but for most commercial software the source code is generally not available to ordinary users. (2) The extraction of type information is incomplete. Integer vulnerability detection tools for binary code (BRICK, IntScope, SmartFuzz) do not consider control flow dependencies when extracting type information, so part of the type information is lost, which affects the detection of integer vulnerabilities. (3) Detection limitations, some tools can only detect...


Application Information

IPC(8): G06F21/57
CPC: G06F21/577
Inventor 陈平
Owner 上海安智信息科技有限公司