Program operation characteristic extracting method for detecting vulnerability model

Abstract

A method of program feature extraction for detecting software vulnerability models comprises steps of 1) loading a vulnerability model from a database to a memory, using the vulnerability model as a reference when analyzing the program and creating a data structure of the vulnerability model, 2) loading a program and a feature analysis extracting process, abstracting software codes compiled via a gcc, and extracting required operations according to the operating information related to the vulnerability model to obtain a sequence of program feature, namely a program feature sequence for detecting the vulnerability model. The loading process of the vulnerability model includes: the vulnerability model is composed of state nodes of the vulnerability state and the set of directed edges. The process of loading the program and extracting features includes extracting information related to the vulnerability state in a program control flow chart, and then organizing the information in terms of functions. The process of extracting the operating sequence related to the vulnerability model includes that each function program feature corresponds to one operation sequence linked list, and the operating sequence linked lists are organized in terms of functions, wherein the node of the operating sequence linked list is an operation or function related to the vulnerability state.

Description

technical field [0001] The invention relates to a computer software loophole detection method, in particular to a method for extracting program operation features of a loophole model based on the detection. Background technique [0002] As the size and complexity of software grow, so do the hidden security holes and the threat of loss from attacks. The fundamental solution to prevent system attacks and intrusions is to find and eliminate software defects before they are exploited. Software code detection for software security vulnerabilities is one of the important means to predict and prevent vulnerabilities. Vulnerability static detection is a more effective code vulnerability detection technology, and the vulnerability model detection method is one of the representative detection methods. In order to conduct model detection based on the vulnerability state machine model, we propose a program operation feature extraction method for vulnerability model detection to provid...

AI Technical Summary

Problems solved by technology

[0004] The object of the present invention is: to propose a detection target for a software vulnerability model based on the vulnerability model, aiming at the problems of a large amount of repetitive work and affecting the detection speed in the current software vulnerability detection method, based on the state machine model of the software vulnerability, using the control flow graph and Data flow analysis technology extracts the program features related to the state machine model of software vulnerabilities, and abstracts the software code to model, which can be used for static detection of vulnerabilities to determine the existence of the vulnerability model in the code

Images