Binary program bug detection method based on function difference

A binary program and vulnerability detection technology, applied in error detection/correction, electrical digital data processing, software testing/debugging, etc.

Active Publication Date: 2020-11-10
XI AN JIAOTONG UNIV
View PDF7 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to solve the problem of high false alarm rate in the above-mentioned existing methods, the present invention provides a binary program vulnerability detection method based on function difference, by constructing patch features to accurately determine whether there is a known vulnerability in the binary program or whether there is a corresponding patch

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Binary program bug detection method based on function difference
  • Binary program bug detection method based on function difference
  • Binary program bug detection method based on function difference

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In order to make the purpose, features and advantages of the present invention more obvious and understandable, the implementation of the present invention will be described in detail below in conjunction with the accompanying drawings and examples.

[0047] Taking the known vulnerability CVE-2014-0160 as an example, the binary program of the class library OpenSSL1.0.1e is used as the target binary program to be detected to detect this vulnerability.

[0048] Such as figure 1 As shown, a binary program vulnerability detection method based on function difference includes the following steps:

[0049] Step S1: According to the patch and other relevant information, determine that the functions related to the known vulnerability CVE-2014-0160 are dtls1_process_heartbeat(), tls1_process_heartbeat(), first select dtls1_process_heartbeat() for analysis; collect the last vulnerability version function, namely OpenSSL1.0.1 The binary code of the function dtls1_process_heartbeat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a binary program bug detection method based on function difference. The method comprises the following steps of: extracting patch features for a known bug function, performingfeature matching in a suspected target function, identifying whether a corresponding patch is made in the suspected target function or not, and judging whether a known bug is contained or not. The method comprises the following steps: firstly, determining a bug related function, collecting a binary code containing the bug function and a repaired function, and disassembling the binary code; secondly, determining the change between two versions of the same function by using a differential analysis technology, and generating patch features; and finally, screening out a suspected target function from a target program, positioning and representing a local key area in the suspected target function, performing feature matching through similarity calculation to detect whether the target function contains vulnerabilities, and completing vulnerability detection of the target program accordingly. The method aims at quickly and accurately detecting whether a target program contains a bug or not after a to-be-searched known bug is given, and the problem that an existing bug detection method based on function matching is high in false alarm rate is solved.

Description

technical field [0001] The invention belongs to the technical field of binary program analysis and loophole detection, in particular to a binary program loophole detection method based on function difference. Background technique [0002] Known vulnerabilities are those for which patches have been released. With the increasingly mature form of componentized development, the completeness and support of various third-party libraries greatly improves the development efficiency. Pay attention to the implementation of program function logic, use old versions of class libraries, or fail to update some components in time, if there are discovered and reported vulnerabilities in these class libraries or components, these vulnerabilities will continue to affect the developed procedures, resulting in security risks. With the growth and improvement of the software industry system, various commercial software and programs have been vigorously developed, and there are more and more clos...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06F11/36
CPCG06F21/577G06F11/3608G06F2221/033
Inventor 晋武侠徐一飞刘烃
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap