Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Multi-level hybrid vulnerability automatic mining method

An automatic mining and multi-level technology, applied in the computer field, can solve problems such as path explosion, slowness, and slow solution speed of symbolic execution

Active Publication Date: 2020-10-30
GUANGZHOU UNIVERSITY
View PDF7 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, due to the slow speed of the constraint solution of the symbolic execution technology, the solution process for complex logical judgments is more complex and slow, and there are cases where there is no solution
Secondly, symbolic execution will cause the path explosion problem with the increase of the target program size, making the solution speed of symbolic execution slower, and even causing the operating system to crash
Due to the limitations of symbolic execution technology, such as low execution efficiency, excessive resource occupation, and unsolvable constraints, the effect of introducing symbolic execution technology into coverage-oriented fuzz testing is not satisfactory. Therefore, a multi-level mixed vulnerability automatic detection method is proposed. mining method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multi-level hybrid vulnerability automatic mining method
  • Multi-level hybrid vulnerability automatic mining method
  • Multi-level hybrid vulnerability automatic mining method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0043] Please refer to Figure 1-4 , the present invention provides a technical solution: a multi-level mixed vulnerability automatic mining method, comprising the following steps:

[0044] S1: Use static analysis technology to use pointer analysis to obtain the pointer allocation and assignment process in the program, and record the memory address locations pointed to by all pointers; use alias analysis technology to obtain the destination operand of CMP instructions to clarify the jump address of the target program;

[0045] S2: Through the static insertion technology of the intermediate code, the monitoring code is inserted into the key position of the target program;

[0046] S3: Save the current stack frame information in the global data structure when the monitoring function is executed in the target program after instrumentation through the dynamic semantic information extraction technology, and the stack frame information includes the memory address saved from the esp ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of computers, and particularly relates to a multi-level hybrid vulnerability automatic mining method, which comprises the following steps: S1, obtaining pointer distribution and assignment processes in a program by utilizing pointer analysis through a static analysis technology, and recording memory address positions pointed by all pointers; obtaining adestination operand of the CMP type instruction by using an alias analysis technology so as to clarify a jump address of the target program; and S2, realizing instrumentation of the monitoring code to the key position of the target program through an intermediate code static instrumentation technology. According to the invention, the binary executable program is translated into the middle-layer representation language of the compiler, and compared with the binary executable program, the middle-layer representation language source code obtained through processing of the method has more semantic information; compared with C / C + + language analysis, the static analysis technology for the LLVM IR intermediate representation language can realize finer-grained static semantic information extraction during compiling.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a multi-level mixed loophole automatic mining method. Background technique [0002] The fuzz testing technology only constructs random, unexpected malformed data as the random input of the target program, monitors the abnormal state that may exist during the execution of the target program, and judges whether there is a vulnerability in the target binary program through the abnormal state generated. However, fuzz testing only considers generating random input, rather than optimizing and improving different target programs, which leads to low code coverage for different target binary programs and can't test most of the functions of binary programs. Testing means that the scope of vulnerability mining is limited to the shallow logic of the target program, and it is impossible to test most of the functions of the target program and dig out complex loopholes in the deep logic of th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06F21/56G06F11/36
CPCG06F21/577G06F21/563G06F11/3688G06F2221/033
Inventor 田志宏杨佳庚郭润生鲁辉张鑫国金成杰何陆潇涵孙起曹靖靖孙彦斌苏申
Owner GUANGZHOU UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products