
Single-time multi-vulnerability code detection method and system

A vulnerability detection and code detection technology, applied in the field of information security, that achieves wide applicability, an improved security level, and high feasibility.

Pending Publication Date: 2022-04-05
SHANGHAI JIAO TONG UNIV

AI Technical Summary

Problems solved by technology

[0003] To address the above-mentioned deficiencies in the prior art, the present invention proposes a single-time multi-vulnerability code detection method and system that quickly detects problems such as memory leaks, pointer double release (double free), use after release (use after free), and constant sensitive data, and analyzes and evaluates them effectively. It has good scalability and supports detection of more types of code vulnerabilities, while greatly ensuring user code security and reducing labor costs.


Embodiment Construction

[0025] As shown in Figure 1, this embodiment involves an automatic code vulnerability detection system implemented on the LLVM 12.0 framework. The system includes a preprocessing module, a vulnerability detection module, and a false positive filtering module. The preprocessing module uses the LLVM compilation tool to convert the C source code of the code under test into the LLVM intermediate language, performs type-sensitive pointer analysis on it, and constructs a function call graph of the entire project. Using the function call graph and the pre-marked memory operation functions and cryptographic functions, it then builds the value flow graph of memory objects and global constants from the LLVM intermediate language of the code under test. The vulnerability detection module constructs code vulnerability detection patterns by summarizing the characteristics of different types of code vulnerabilities, and then sel...


Abstract

The invention discloses a single-time multi-vulnerability code detection method and system. The method comprises the following steps: the code to be detected is converted into the LLVM intermediate language by the LLVM compiler, type-sensitive pointer analysis is carried out, and a program call graph of the whole program code is constructed; a value flow graph of the memory objects and global constants of the whole program code is then constructed according to pre-marked functions, and memory leaks, pointer double release, use after release, and constant sensitive data are given abstract model representations; code points with security vulnerabilities are marked by traversing the value flow graph and matching code security problem patterns; finally, the false alarm patterns of the different code vulnerabilities are modeled, false alarm filtering is applied to the collected vulnerability code points, and the remaining vulnerability code points are output to obtain the final code security vulnerability report. The method has good extensibility, supports detection of more types of code vulnerabilities, greatly guarantees the security of user code, and reduces labor cost.
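The single-traversal, multi-pattern matching step described in the abstract, as an added Python example that is not the patent's implementation: it walks a small constructed value flow graph once per source and matches all four problem patterns during the same walk. The node names, kind labels and the `detect` function are hypothetical; the graph is assumed acyclic, each edge is assumed to mean "the value reaches this operation next on that path", and false alarm filtering is not modeled.

```python
from collections import defaultdict

# Constructed sample graph (not from the patent). Kinds are hypothetical labels
# standing in for pre-marked memory operation and cryptographic functions.
SAMPLE_NODES = {
    "alloc_p": "alloc", "free_p1": "free", "use_p": "use",
    "free_p2": "free", "exit_a": "exit",
    "alloc_q": "alloc", "free_q": "free", "exit_ok": "exit", "exit_err": "exit",
    "KEY": "const", "key_arg": "crypto_key",
}
SAMPLE_EDGES = [
    ("alloc_p", "free_p1"), ("free_p1", "use_p"),
    ("use_p", "free_p2"), ("free_p2", "exit_a"),
    ("alloc_q", "free_q"), ("free_q", "exit_ok"), ("alloc_q", "exit_err"),
    ("KEY", "key_arg"),
]


def detect(nodes, edges):
    """Return sorted (pattern, source, sink) findings from one walk per source."""
    succ = defaultdict(list)
    for a, b in edges:
        succ[a].append(b)
    findings = set()

    def walk(src, node, frees):
        kind = nodes[node]
        if kind == "free":
            if frees:  # the value was already released on this path
                findings.add(("double-free", src, node))
            frees += 1
        elif kind == "use" and frees:
            findings.add(("use-after-free", src, node))
        elif kind == "crypto_key" and nodes[src] == "const":
            findings.add(("constant-key", src, node))
        elif kind == "exit" and nodes[src] == "alloc" and not frees:
            findings.add(("memory-leak", src, node))
        for nxt in succ[node]:  # path-sensitive: 'frees' is tracked per path
            walk(src, nxt, frees)

    for name, kind in nodes.items():
        if kind in ("alloc", "const"):  # sources: memory objects and constants
            walk(name, name, 0)
    return sorted(findings)


if __name__ == "__main__":
    for finding in detect(SAMPLE_NODES, SAMPLE_EDGES):
        print(finding)
```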

Description

Technical field

[0001] The present invention relates to a technique in the field of information security, in particular to a method and system for single-time multi-vulnerability code detection.

Background technique

[0002] Code problems emerge endlessly. From the underlying operating system to the various smart terminals widely used in daily life, vulnerabilities caused by unsafe code expose users to threats from malicious attackers. Memory-related code security issues can lead to user data leakage, denial-of-service attacks, and even remote code execution; cryptography-related vulnerabilities can also compromise the confidentiality, integrity, and availability of user data. The cause of the above problems is programmer negligence or a lack of relevant security knowledge, which leaves code fragments in the code that malicious attackers can use. The accuracy and efficiency of existing vulnerability detection tools have always been...


Application Information

IPC(8): G06F21/57
Inventor: 高旺, 李卷孺, 谷大武
Owner: SHANGHAI JIAO TONG UNIV