46 results about "Vulnerability model" patented technology

The invention provides a binary program vulnerability discovery method. The binary program vulnerability discovery method comprises steps of converting a target binary program into an assembly language, and carrying out static analysis to the assembly language; carrying out Promela model modeling to an intermediate language by combining the analysis result of the static analysis; establishing a vulnerability model and inserting the vulnerability model into the Promela model; introducing an external C code, simulating and executing the Promela model based on an SPIN, and detecting the vulnerability. The invention also provides a binary program vulnerability discovery system comprising a preprocessor module, a code conversion module and a model detection module. With respect to the binary program vulnerability discovery method and system, the intermediate language BIL is introduced to serve as a conversion bridge through which the binary program is converted into the Promela model, automatic modeling of the binary program is achieved, the embedded C function of the SPIN is employed to achieve simulation and execution, and the external C code is introduced to correct the defect of model detection. Experimental results show that the binary program vulnerability discovery method can effectively detect memory destructive vulnerabilities of binary programs.

The invention relates to a software security detection method based on combination of a vulnerability model and symbolic execution. The method comprises following steps of symbolizing input test data interacted by a program and an external environment; determining symbolic variables in a symbolic execution process; starting symbolic execution and actual execution; collecting path constraint conditions in the symbolic execution process; obtaining corresponding relationship information of the input data and a program operation path; according to the path constraint conditions, checking whether there is a code region possibly triggering a vulnerability or not; calculating a constraint condition capable of driving the program to be guided to the code region; according to the vulnerability ode, calculating a constraint condition possibly triggering the vulnerability; invoking an STP constraint solver to calculate the path constraint condition possibly triggering the vulnerability, thus obtaining input data possibly triggering the vulnerability; and loading the new input data in a to-be-tested program, thus carrying out a new round of test. According to the method, the program path through risk code region can be analyzed deeply; relatively accurate test input data is generated; the program vulnerability detection is triggered; and the software security is improved.

The invention relates to a sensitive point approximation method based on intelligent route guidance. The method comprises the steps that vulnerability models of different types are extracted, and the position of a sensitive point is recognized through static analysis; upward backtracking is performed by taking the sensitive point as a starting point and adopting a route backtracking algorithm to look up all route branch points and is performed until the route branch point which is nearest away from a program entry point is found; instruction level instrumentation is performed on a tested program, an original sample is input, and a binary instruction sequence related to dirty points is recorded; the binary instruction sequence is lifted into intermediate language description; route branch points of the intermediate language description are acquired and turned according to whether the branch points are located in a set, and control flow is guided to reach the sensitive point; a constraint normal form is extracted from turned intermediate language description, solving is performed with an STP constraint solver, a new sample is generated, and returning is performed to re-input the sample. According to the method, the control flow is guided to reach the sensitive point position through the sensitive point, the problem of route explosion is effectively solved, and the vulnerability mining efficiency is improved.

The invention provides a software vulnerability model test method based on vulnerability models. The method comprises the following steps: 1) the vulnerability models are loaded into a flow process from a database, that is, the vulnerability models are put into a memory, and data structures of the vulnerability models are established and used for reference during analyses of programs; 2) in the previous step for testing the models, models are tested according to relevant operations of vulnerability based on functions; and 3) in the final step for testing the models, the models are tested for principal functions, the states are tested and the existence of vulnerability is reported according to relevant operations of vulnerability and the model test results in the previous step. The vulnerability model load flow is as follows: the vulnerability models consist of vulnerability state nodes and gathers with directed edges; a flow for operating transition tables retrieved according to the directed edge types is established in a memory; irrelevant operations are filtered and removed through abstracting and processing programs in an abstract manner; the operation sequence flow relative to the vulnerability models is abstracted; and each function program feature corresponds to an operation sequence linked list.

A computer implemented method monetizes the security of a cyber-system in terms of losses each stakeholder may expect to lose if a security break down occurs. A non-transitory media stores instructions for generating a stake structure that includes costs that each stakeholder of a system would lose if the system failed to meet security requirements and generating a requirement structure that includes probabilities of failing requirements when computer components fails. The system generates a vulnerability model that includes probabilities of a component failing given threats materializing and generates a perpetrator model that includes probabilities of threats materializing. The system generates a dot product of the stakes structure, the requirement structure, the vulnerability model and the perpetrator model. The system can further be used to compare, contrast and evaluate alternative courses of actions best suited for the stakeholders and their requirements.

The invention discloses a multi-relational graph network-based vulnerability model construction method and a detection method thereof, and the method comprises the steps: collecting a source code program file, carrying out the preprocessing of the source code program file, obtaining a function block, and according to whether a function name corresponding to the function block contains a good and a bad, enabling a corresponding label to be a function block without a vulnerability and a function block with a vulnerability; processing the function blocks without the vulnerabilities and the function blocks with the vulnerabilities to obtain respective corresponding second abstract syntax trees; and performing first traversal on the second abstract syntax tree to obtain seven edge relationships. On the basis of extracting node information of the abstract syntax tree in the prior art, seven edge relationships are added, and the seven edge relationships can remarkably improve the accuracy rate in the aspect of vulnerability detection and reduce the missing report rate; when the GGNN vulnerability model is built, the GRU and the highway gate are fused to improve the propagation speed of the vector among different relational graphs, so that the model training period is shortened, and the technical problem that the detection effect of a vulnerability detection model is poor in the prior art is solved.

The invention discloses a software vulnerability model detection method based on a vulnerability model, which comprises the following steps of: performing state derivation on execution input, a software calling process and a function set of software so as to judge whether state transition exceeds a safe range or not; feature code scanning and specific function or specific process detection can be carried out on the public vulnerabilities to determine whether the software system has the vulnerabilities or not; for unknown vulnerabilities, whether a software system has vulnerabilities or not can not be obtained through direct detection generally, and due to the fact that the unknown vulnerabilities often cause the vulnerabilities for specific execution processes and / or specific input conditions of unsafe codes, the method solves the problem that the vulnerabilities cannot be generated in the process of system vulnerability detection and protection in Web application at present. In the prior art, the privacy of data information cannot be effectively protected, and an attacker can identify the information of the Web site accessed by the user according to the contour features of the Web information flow, so that the Web content of the user is leaked.

A method for assigning vulnerability indicators of a combat aircraft system. By establishing a vulnerability model of a certain type of fighter, under certain threat strikes, determine the initial parameters of vulnerability, and then determine the number of times the aircraft has been hit and the number of times each component has been hit. Then determine the independent state of the aircraft and the probability of each state being hit, and substitute the above data into the calculation formula of the comprehensive importance and Griffith importance to obtain the comprehensive importance and Griffith importance of each component. Finally, the fragility of the whole machine is allocated by using the fragility index allocation method, and the fragility of each component can be obtained. After obtaining the fragility assigned to each component, the fragility reduction is performed on the components with high fragility to reduce its fragility, thereby improving the survivability of the aircraft.

The invention relates to a sensitive point approximation method based on intelligent route guidance. The method comprises the steps that vulnerability models of different types are extracted, and the position of a sensitive point is recognized through static analysis; upward backtracking is performed by taking the sensitive point as a starting point and adopting a route backtracking algorithm to look up all route branch points and is performed until the route branch point which is nearest away from a program entry point is found; instruction level instrumentation is performed on a tested program, an original sample is input, and a binary instruction sequence related to dirty points is recorded; the binary instruction sequence is lifted into intermediate language description; route branch points of the intermediate language description are acquired and turned according to whether the branch points are located in a set, and control flow is guided to reach the sensitive point; a constraint normal form is extracted from turned intermediate language description, solving is performed with an STP constraint solver, a new sample is generated, and returning is performed to re-input the sample. According to the method, the control flow is guided to reach the sensitive point position through the sensitive point, the problem of route explosion is effectively solved, and the vulnerability mining efficiency is improved.

The invention discloses a construction method of a typical armed helicopter vulnerability model, key parts are damaged to cause key function failure of an armed helicopter, and the key parts comprise a detector cabin, a cockpit, an electronic equipment cabin, a generator, a transmission device, an oil tank, an engine, a tail beam and ammunition. If some of the key components above are damaged, armed helicopter will be correspondingly damaged in different degrees. The vulnerability of the armed helicopter can be analyzed in a contrastive manner according to the damage of the key parts by determining the vulnerable key parts of the armed helicopter in the actual construction model and establishing the equivalent model of the damage of the key parts; therefore, a more effective judgment basis can be provided when people analyze the vulnerability of the armed helicopter, and meanwhile, key components are used as vulnerability evaluation indexes, so that a more accurate theoretical basis is conveniently provided for the establishment of a subsequent computer simulation model.

The invention provides a binary program vulnerability discovery method. The binary program vulnerability discovery method comprises steps of converting a target binary program into an assembly language, and carrying out static analysis to the assembly language; carrying out Promela model modeling to an intermediate language by combining the analysis result of the static analysis; establishing a vulnerability model and inserting the vulnerability model into the Promela model; introducing an external C code, simulating and executing the Promela model based on an SPIN, and detecting the vulnerability. The invention also provides a binary program vulnerability discovery system comprising a preprocessor module, a code conversion module and a model detection module. With respect to the binary program vulnerability discovery method and system, the intermediate language BIL is introduced to serve as a conversion bridge through which the binary program is converted into the Promela model, automatic modeling of the binary program is achieved, the embedded C function of the SPIN is employed to achieve simulation and execution, and the external C code is introduced to correct the defect of model detection. Experimental results show that the binary program vulnerability discovery method can effectively detect memory destructive vulnerabilities of binary programs.