Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Vulnerability detection method and device based on optimization variation strategy, equipment and medium

A vulnerability detection and mutation technology, applied in the computer field, can solve the problems of enterprise and even personal losses, dangerous security loopholes, increased difficulty of security loopholes, etc., to achieve the effect of loophole detection, security assurance, and improvement of loophole detection efficiency

Active Publication Date: 2021-05-28
NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT +1
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are many choices for the development language of the application program. Because developers lack sufficient awareness of information security and network security, and do not pay enough attention to code quality and code security issues, there are some dangers in various applications. If the security loopholes are exploited by black production personnel, it will cause huge losses to the enterprise and even individuals
However, due to the high coupling caused by programmers when developing applications, easily exploitable security vulnerabilities and code backdoors are no longer limited to the past forms. It is more difficult to detect security vulnerabilities in source code using traditional methods, which not only leads to vulnerabilities The efficiency of detection is reduced and the vulnerability cannot be effectively detected

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method and device based on optimization variation strategy, equipment and medium
  • Vulnerability detection method and device based on optimization variation strategy, equipment and medium
  • Vulnerability detection method and device based on optimization variation strategy, equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the purpose, technical solutions and advantages of the present disclosure clearer, the present disclosure will be further described in detail below in conjunction with specific embodiments and with reference to the accompanying drawings.

[0040] It should be noted that, unless otherwise defined, the technical terms or scientific terms used in the embodiments of the present disclosure shall have ordinary meanings understood by those skilled in the art to which the present disclosure belongs. "First", "second" and similar words used in the embodiments of the present disclosure do not indicate any sequence, quantity or importance, but are only used to distinguish different components. "Comprising" or "comprising" and similar words mean that the elements or items appearing before the word include the elements or items listed after the word and their equivalents, without excluding other elements or items.

[0041] For applications, detecting and analyzing t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a vulnerability detection method and device based on an optimization variation strategy, equipment and a medium. The method comprises the following steps: acquiring a source code of a target application program; compiling and instrumenting the source code to obtain an internal variable and a judgment condition of each branch in the structure of the source code, and forming a branch-internal variable mapping relationship; performing byte-by-byte change on each input byte included in an input variable of the target application program, determining an internal variable which changes along with the changed input byte in the source code, and obtaining an input byte-internal variable mapping relationship; based on the branch-internal variable mapping relationship and the input byte-internal variable mapping relationship, generating the optimization variation strategy about the input bytes; and performing fuzzy testing on the source code based on the optimization variation strategy to obtain a vulnerability detection result. According to the method and the device, rapid vulnerability detection of the source code of the application program is realized, the security of the application program is ensured from the source, and the vulnerability detection efficiency is improved.

Description

technical field [0001] The present disclosure relates to the field of computer technology, in particular to an application testing method, device, equipment and medium based on an optimization mutation strategy. Background technique [0002] With the rapid increase of the scale of the Internet and the rapid increase of the number of network users, various WEB-based network applications and services are also massively increasing. In recent years, along with more and more user demands, various application programs have also been continuously developed, prompting the scale of the source code of the application programs to continuously increase. There are many choices for the development language of the application. Because developers lack sufficient awareness of information security and network security, and do not pay enough attention to code quality and code security issues, there are some dangers in various applications. If the security loopholes are exploited by black prod...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57
CPCG06F21/563G06F21/577
Inventor 张嘉玮何跃鹰张晓明杜鹏曹可建谷杰铭邢燕祯张程鹏关广振何连瑶周雨晨涂腾飞
Owner NAT COMP NETWORK & INFORMATION SECURITY MANAGEMENT CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com