A crash analysis method and system for binary programs

A binary program and crash analysis technology, which is applied in the crash analysis method and system field for binary programs, can solve the problems of long time consumption, large memory consumption, and long time consumption, and achieve the effect of reducing reading and writing time and reducing costs

Active Publication Date: 2022-03-29
CHINA ELECTRONICS TECH CYBER SECURITY CO LTD
View PDF10 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method of first recording the program execution track, and then performing virtual replay of the program according to the program execution track file is an offline analysis method, but the disadvantage is that it takes too long; the other is to use tools such as pin and dynamoRIO for instrumentation. Analyzing while the program is running belongs to an online analysis method. Because online analysis records and analyzes the tested program, there are problems such as large memory consumption and long time consumption.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A crash analysis method and system for binary programs
  • A crash analysis method and system for binary programs

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] All features disclosed in all embodiments in this specification, or steps in all implicitly disclosed methods or processes, except for mutually exclusive features and / or steps, can be combined and / or extended and replaced in any way.

[0037] Such as figure 1 , shown in 2, a crash analysis method for binary programs, the whole method takes the program and the use cases that cause the program to crash as input. The information collection part is mainly divided into two parts: the instrumentation module performs code instrumentation on several key positions and basic blocks, and then runs the program to record information; the taint module takes the program input as a taint, and tracks the taint during program execution At the same time, each executed instruction is symbolized, and finally according to the symbolized content, reverse slices are performed from the crash point to record information. Finally, based on the information, data analysis is carried out to obtain ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention discloses a crash analysis method and system for binary programs, including steps: S1, information collection and processing, in this step, the instrumentation module performs code instrumentation on multiple key positions and basic blocks, and then runs the program , record information; the taint module takes the program input as taint, tracks the spread of taint during program execution, and at the same time, performs symbolic operation on each executed instruction, and finally performs reverse slice from the crash point according to the symbolic content , record information; S2, analyze based on the data processed in step S1, and obtain the program execution trajectory diagram, stain propagation trajectory diagram and crash causes, etc.; the present invention can analyze the program without source code, and collect the program running Crash information, crash backtracking, locating the crash point, determining the cause of the crash, etc., greatly reduces the cost of manual analysis, and can assist vulnerability analysts to quickly determine the mechanism of the program crash.

Description

technical field [0001] The present invention relates to the field of computer information security, and more specifically, to a crash analysis method and system for binary programs. Background technique [0002] With the exponential growth of the number of programs, the security of programs has attracted more and more attention. A program crash often means that the code of the program itself is unreasonable, or there are some potential loopholes in the program itself. Fuzz testing technology has developed rapidly in recent years. The principle of fuzz testing is a method to find software vulnerabilities by providing unexpected input to the target system and monitoring abnormal results. It can effectively cause a large number of program crashes. However, , a large number of crashes also requires a lot of manpower to evaluate the effectiveness of the crashes. How to analyze these crashes more automatically, evaluate the cause of the crash, and judge whether it is a vulnerabi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36
CPCG06F11/3636G06F11/3644G06F11/366
Inventor 唐娜饶志宏李芒
Owner CHINA ELECTRONICS TECH CYBER SECURITY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap