Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software patch detection method and device based on data flow analysis

A technology of data flow analysis and detection method, applied in the computer field, can solve problems such as low efficiency, limited detection accuracy, and unsatisfactory practical applications

Active Publication Date: 2020-05-19
BEIHANG UNIV
View PDF7 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the rapid iteration of software products and the differentiation of product release platforms, patch detection is very difficult to achieve
[0003] The current patch detection methods include: extracting the control flow of the binary code and performing embedding learning, and then using the learned feature vectors for discriminant analysis. Although the detection efficiency of this type of method is relatively high, the detection accuracy is greatly limited.
Another type of method uses a method based on symbolic execution combined with data flow analysis to detect patches in binary code. However, this type of method is extremely inefficient and cannot be applied to large-scale software product detection tasks.
These limit the efficiency and accuracy of existing patch detection tools
[0004] Efficient and accurate automated patch detection tools play an extremely important role in the security protection of IoT devices. However, the existing work and devices are far from meeting the needs of practical applications in terms of detection efficiency and accuracy.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software patch detection method and device based on data flow analysis
  • Software patch detection method and device based on data flow analysis
  • Software patch detection method and device based on data flow analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] figure 1 It is a flowchart of a software patch detection method based on data flow analysis in an embodiment of the present invention, such as figure 1 As shown, a software patch detection method based on data flow analysis, including:

[0040] Step 1: Use Extractor to analyze the patch code, and select and detect the modification semantics of assignment statements and conditional statements, function call statements, type-related statements, and other types of statements in the patch code in sequence as the characteristics of the patch to be detected; establish a binary The mapping relationship between code and source code;

[0041] Step 2: Select VEX-IR as the intermediate code of the binary code promotion of the platform of the device in the Internet of Things environment, use the open source Angr to analyze the binary code, and extract the control flow, wherein the control flow is in the unit of function, Each of said functions contains a node as a basic block;

...

Embodiment 2

[0069] Such as Figure 5 As shown, a software patch detection device based on data flow analysis includes:

[0070] The selection unit is used to analyze the patch code by using the Extractor, select and detect the modification semantics of the assignment statement and the conditional statement, the function call statement, the type-related statement, and other types of statements in the patch code in sequence as the characteristics of the patch to be detected, and establish The mapping relationship between binary code and source code;

[0071] The analysis unit selects VEX-IR as the intermediate code for upgrading the binary code of the device firmware in the Internet of Things environment, uses the Optimizer to analyze the binary code using the open source Angr, extracts the control flow, and analyzes the data flow in the basic block and cross-basic The data flow of the block is analyzed;

[0072] The processing unit optimizes the extracted data flow; selects the ITL state...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a software patch detection method based on data flow analysis. The software patch detection method comprises the following steps of: analyzing a patch code by using Extractor,and sequentially selecting and detecting modified semantics of an assignment statement, a conditional statement, a function call statement, a type related statement and other types of statements in the patch code as features of a patch to be detected; establishing a mapping relationship between a binary code and a source code; selecting VEX-IR as an intermediate code for binary code promotion ofequipment firmware in an Internet of Things environment, analyzing the binary code by using the open-source Angr, and extracting a control flow, wherein the control flow takes functions as units, andeach function comprises a control flow with nodes as basic blocks and program skip semanteme as sides; analyzing the data flow in the basic blocks, reversely analyzing codes of the basic blocks one byone, and extracting a use chain of a variable in each statement; analyzing the data flow across the basic blocks; optimizing the extracted data stream; and acquiring the patch features from the basicblocks, and performing multi-stage matching on the patch features.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a software patch detection method and device based on data flow analysis. Background technique [0002] With the rapid development of IoT and the wide application of open source software in IoT devices, a large number of vulnerable devices are exposed to the Internet environment. According to a report released by Gartner, it is estimated that there will be 20 billion IoT devices worldwide by 2020. Although open source software regularly releases vulnerability patches, due to the lack of an effective software update mechanism and patch management mechanism, a large number of vulnerabilities remain unpatched. For example, the Heartbleed vulnerability that broke out in 2014 led to the risk of more than 200 million Android devices being attacked. Although OpenSSL released a patch for this vulnerability in a timely manner, as of 2017, the vulnerability in more than 200,000 devices ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 李建欣孙佩源邵明来周睿邰振赢
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com