Vulnerability detection method and device, equipment and storage medium

A vulnerability detection and detection technology, applied in the field of network information security, can solve the problems of low precision, high false alarm rate/missing negative rate, etc., achieve low false positive rate and false negative rate, high accuracy rate, and alleviate high false positive rate effect of influence

Inactive Publication Date: 2021-08-24
SICHUAN UNIV
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, these detection methods have disadvantages such as high false positive rate / missing negative rate and low precision.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method and device, equipment and storage medium
  • Vulnerability detection method and device, equipment and storage medium
  • Vulnerability detection method and device, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] Next, the technical scheme in the present application will be clear and completely, and the embodiments described herein are described herein, and not all of the embodiments of the present disclosure, not all of the embodiments of the present application. Based on the embodiments in this application, all other embodiments obtained by those of ordinary skill in the art without creative labor, are the scope of the present application.

[0046] There are still some problems with existing binary code clone vulnerability detection techniques, such as:

[0047] I. Pattern-based matching requires experts to define the cost of human labor costs, and typically produce a high false positive rate or leakage rate.

[0048] Second, code-based similarity detection can only detect code multiplex vulnerabilities, and for the case with different code structures, but there is a similar vulnerability triggering scene, it will lead to higher missing.

[0049] Third, due to the existence of the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a vulnerability detection method and device, equipment and a storage medium, and relates to the technical field of network information security, and the method comprises the following steps: firstly, decompiling a binary code of a to-be-detected program into a pseudo code; detecting a dangerous function in a pseudo code, then taking the dangerous function as a slice point, extracting a slice code related to the calling of the dangerous function, then converting the slice code into vector representation, and finally taking the vectorized slice code as input, and judging whether a program to be detected contains vulnerabilities or not by detecting a neural network. The method can be used for cross-architecture and cross-platform binary code vulnerability recognition scenes, fine-grained detection of vulnerabilities is achieved on the binary code level, automatic feature extraction can be effectively achieved, the high false alarm influence caused by different compilation options and patch codes is relieved, and the method has extremely high accuracy and extremely low false alarm rate and missing report rate.

Description

Technical field [0001] In particular, in terms of network information security technology, in particular, there is a vulnerability detection method, apparatus, device, and storage medium. Background technique [0002] There are many current network attacks through vulnerability, so the vulnerability has found a important research direction in the security field. [0003] Since there is a large number of reused code libraries or shared code logics in the software system (for example, similar objects have similar processing logic in different purposes), there is a wide range of similar features in actual procedures but have not been discovered. Vulnerability. Also, many developers do not perform in-depth security analysis when reuse libraries to discover potential vulnerabilities in code. Therefore, repetitive vulnerability detection has been widely popular, especially with the increase in vulnerability. [0004] For existing binary code clone vulnerability detection, it is mainly ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06N3/04
CPCG06F21/577G06N3/045
Inventor 贾鹏王炎刘嘉勇
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap