Multi-level hybrid vulnerability automatic mining method

Abstract

The invention belongs to the technical field of computers, and particularly relates to a multi-level hybrid vulnerability automatic mining method, which comprises the following steps: S1, obtaining pointer distribution and assignment processes in a program by utilizing pointer analysis through a static analysis technology, and recording memory address positions pointed by all pointers; obtaining adestination operand of the CMP type instruction by using an alias analysis technology so as to clarify a jump address of the target program; and S2, realizing instrumentation of the monitoring code to the key position of the target program through an intermediate code static instrumentation technology. According to the invention, the binary executable program is translated into the middle-layer representation language of the compiler, and compared with the binary executable program, the middle-layer representation language source code obtained through processing of the method has more semantic information; compared with C / C + + language analysis, the static analysis technology for the LLVM IR intermediate representation language can realize finer-grained static semantic information extraction during compiling.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a multi-level mixed loophole automatic mining method. Background technique [0002] The fuzz testing technology only constructs random, unexpected malformed data as the random input of the target program, monitors the abnormal state that may exist during the execution of the target program, and judges whether there is a vulnerability in the target binary program through the abnormal state generated. However, fuzz testing only considers generating random input, rather than optimizing and improving different target programs, which leads to low code coverage for different target binary programs and can't test most of the functions of binary programs. Testing means that the scope of vulnerability mining is limited to the shallow logic of the target program, and it is impossible to test most of the functions of the target program and dig out complex loopholes in the deep logic of th...

AI Technical Summary

Problems solved by technology

However, due to the slow speed of the constraint solution of the symbolic execution technology, the solution process for complex logical judgments is more complex and slow, and there are cases where there is no solution

Secondly, symbolic execution will cause the path explosion problem with the increase of the target program size, making the solution speed of symbolic execution slower, and even causing the operating system to crash

Due to the limitations of symbolic execution technology, such as low execution efficiency, excessive resource occupation, and unsolvable constraints, the effect of introducing symbolic execution technology into coverage-oriented fuzz testing is not satisfactory. Therefore, a multi-level mixed vulnerability automatic detection method is proposed. mining method

Images