Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Vulnerability testing method in attack and system thereof

A vulnerability detection, the current state of the technology, applied in the field of network security, can solve the problems of executable program uncertainty, reduce the accuracy of analysis results, increase the difficulty of analysis, etc., to avoid failure to analyze, reduce memory usage, and good operability Effect

Active Publication Date: 2011-08-17
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the uncertainty of the executable program itself greatly reduces the accuracy of the analysis results, such as indirect jumps, pointer aliases, etc., which are currently difficult to solve in static analysis
Software protection technology also increases the difficulty of analysis, such as polymorphism, deformation, encryption, etc., forcing static analysis or even decompiling effective code

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability testing method in attack and system thereof
  • Vulnerability testing method in attack and system thereof
  • Vulnerability testing method in attack and system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] like figure 1 As shown in , it is the flowchart of vulnerability detection during attack in the most simplified mode. The specific implementation is as follows:

[0019] 1) Virtual machine loading: the analyzed program is loaded into the virtual environment module by the virtual loader and executed at the same time. The operating system installed in the virtual environment module as the operating platform of the analyzed program is called the guest operating system. The operating system chooses Windows or Linux according to the different programs to be analyzed. The specific code is as follows: run(target program);

[0020] 2) Process positioning: A program is a static description of the code, and a process is a dynamic description of the code, that is, the running program. Since the Windows operating system is installed in the guest operating system, it is a multi-tasking operating system, that is, multiple different programs may be executed on the virtual CPU with...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a vulnerability testing method in attack and a system thereof, belonging to the field of network security. The method comprises: after programs which are analyzed is loaded into a virtual machine, whether the current running process of the virtual machine belongs to the analyzed program is recognized; if yes, whether the current code is in circulation is judged, the current status information is recorded when in circulation; if not, whether the current program is in attack is judged; if being in attack, the state s before variable which is depended by the last time program pointer can be looked for from the current recorded status information; the status information saved in the s is restored, and the program starts to run again from the state s; the concrete command which modifies the variable depended by the program pointer is found out, and the position of the command is returned; the system of the invention comprises a virtual environment module, a state selection module, a system monitoring module, a vulnerability-analysis module and a status record module. The invention has good maneuverability and high detection efficiency, and solves the problem that business software lacks a source code and can not be analyzed.

Description

technical field [0001] The present invention mainly relates to a method and system for detecting a loophole, in particular to a method and system for detecting a loophole during an attack, and belongs to the field of network security. Background technique [0002] Unknown vulnerabilities are the first-hand information that hackers and software developers hope to be the first to know. For hackers, if they obtain a certain number of unknown vulnerabilities, they can enter computers with corresponding vulnerabilities at will, carry out privilege escalation, and even further cause greater damage. With the continuous development of the network and the continuous increase of the number and types of various software, the harm caused by unknown vulnerabilities is more obvious. Most harmful worms are almost always the product of unknown vulnerabilities. For example, the well-known Shockwave utilizes Microsoft's MS03-026 vulnerability, Sasser utilizes Microsoft's MS04-011 vulnerabil...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06F21/22G06F21/56
Inventor 陈恺苏璞睿司端锋
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products