Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

An automated mining method for binary security vulnerabilities

A binary and vulnerability technology, applied in computer security devices, instruments, calculations, etc., can solve the problems of unguaranteed code coverage and low efficiency of dynamic analysis implementation, and achieve fast speed, improved accuracy, and high code coverage Effect

Active Publication Date: 2020-11-06
成都无糖信息技术有限公司
View PDF14 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, most of the solutions that can automatically mine binary vulnerabilities adopt the implementation method of dynamic analysis. The implementation method of dynamic analysis is inefficient and cannot guarantee code coverage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An automated mining method for binary security vulnerabilities
  • An automated mining method for binary security vulnerabilities

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0030] Such as figure 1 As shown, the present embodiment provides a binary security vulnerability automatic mining method, which includes the following steps:

[0031] S1. Extract AST from the target input program, convert AST into intermediate code, and optimize it. Specifically, the optimization is to make the intermediate code easier to analyze through optimization methods such as local register allocation optimization;

[0032] S2. Track the flow process of the control point of the target input program, mark each flow, and mark the label according to the flow state;

[0033] S3. Establish a vulnerability rule according to the label. If the vulnerability rule is met, it is considered that a suspected vulnerability point has occurred; the vulnerability rule described in this embodiment includes the order of the label, that is, the flow direction of the data can be judged by the order of the label;

[0034] S4. Record suspected vulnerability points as output samples to be an...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an automatic binary security vulnerability mining method, which comprises the following steps of: extracting an AST (abstract syntax tree) from target input, converting the ASTinto an IL (intermediate code), and optimizing the IL; then tracking the flow process of the program controllable point, marking each flow, and marking a label according to the flow state; establishing a vulnerability rule according to the label, and if the vulnerability rule is met, considering that a suspected vulnerability point appears; and finally, recording suspected vulnerability points asto-be-analyzed samples to be output so as to realize automatic mining of binary security vulnerabilities. In the static analysis process, the means of data flow analysis is combined, a label labelingmode is adopted in the data tracking process, and the vulnerability recognition accuracy is improved.

Description

technical field [0001] The invention relates to the technical field of computer applications, in particular to an automatic mining method for binary security loopholes based on static analysis. Background technique [0002] Binary vulnerability mining is much more difficult than source code, because what it faces is not a high-level language with complete semantics, but machine code close to the bottom layer of the system. Because of this, it is more practical to dig out vulnerabilities in binary programs than in source code. [0003] At present, most of the solutions that can automatically mine binary vulnerabilities adopt the implementation method of dynamic analysis, which is inefficient and cannot guarantee code coverage. Contents of the invention [0004] In order to overcome the above-mentioned deficiencies, the inventor of the present invention through long-term exploration attempts and many experiments and efforts, continuous reform and innovation, proposed a bina...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 张瑞冬童永鳌朱鹏
Owner 成都无糖信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products