Unlock instant, AI-driven research and patent intelligence for your innovation.

Vulnerability mining method of mips architecture based on control flow and data flow analysis

A technology of data flow analysis and vulnerability mining, which is applied in the field of network security, can solve the problems of high difficulty in fuzzy test simulation and low efficiency of manual mining, and achieve the effects of improving mining efficiency, reducing complexity, and reducing manual intervention

Active Publication Date: 2021-11-26
NAT UNIV OF DEFENSE TECH
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] In order to solve the above technical problems, the present invention proposes a method for mining vulnerabilities in the MIPS architecture based on control flow and data flow analysis, to solve the problems of low manual mining efficiency and difficult fuzzy test simulation in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability mining method of mips architecture based on control flow and data flow analysis
  • Vulnerability mining method of mips architecture based on control flow and data flow analysis
  • Vulnerability mining method of mips architecture based on control flow and data flow analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the purpose, technical solution and advantages of the present invention clearer, the technical solution of the present invention will be clearly and completely described below in conjunction with specific embodiments of the present invention and corresponding drawings. Apparently, the described embodiments are only some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0023] combine first Figure 1-Figure 2 A method for mining vulnerabilities of the MIPS architecture based on control flow and data flow analysis is described as an embodiment of the present invention. Such as Figure 1-Figure 2 As shown, the method includes the following steps:

[0024] Step S101: Based on the backtracking level, determine the binary program f...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method for mining vulnerabilities in the MIPS architecture based on control flow and data flow analysis. The method includes: determining a potentially dangerous function based on the backtracking level; converting the potentially dangerous function into a control flow graph, and each of the potentially dangerous functions The dangerous function corresponds to one of the control flow graphs; set the taint inspection rules based on the vex language; judge whether there is an accessible path from the taint introduction function to the vulnerability trigger function, and if there is an accessible path, introduce the taint Function parameters are marked; through data flow analysis, it is detected whether the parameters of the vulnerability trigger function are marked with taint. According to the method of the present invention, the efficient, accurate, and low-manual intervention MIPS architecture Internet of Things vulnerability mining can detect buffer overflow and command injection risk functions existing in the binary program of the Internet of Things device, reducing the complexity of the analysis process.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method for mining vulnerabilities of the MIPS architecture based on control flow and data flow analysis. Background technique [0002] With the advent of the Internet of Everything (IoT), the scale of the Internet of Things industry continues to expand, but the relevant security standards have not kept up with the pace of development, coupled with manufacturers' weak awareness of equipment security, leading to serious security risks in the Internet of Things . [0003] According to the statistical report of the CNVD vulnerability platform operated by CNCERT, the number of general-purpose IoT device vulnerabilities recorded in 2020 reached 3,047 (a year-on-year increase of 28%), and event-type vulnerabilities were 2,141, including improper processing of data transmitted from the client by the device program. The resulting buffer overflow vulnerabilities and command inj...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06F21/57G16Y30/10
CPCH04L63/1433G06F21/577G16Y30/10G06F2221/034
Inventor 潘祖烈刘翎翔黄晖周航李阳赵军于璐
Owner NAT UNIV OF DEFENSE TECH