Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method

A technology that integrates systems and vulnerabilities, applied in the fields of software engineering and information security, can solve the problems of blind black-box testing, difficult static analysis, poor pertinence, etc., and achieve the effects of improving test coverage, easy expansion, and controllable vulnerability detection capabilities

Inactive Publication Date: 2015-05-06
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF2 Cites 45 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, most of the software does not provide the source code, so it is difficult to carry out effective static analysis, especially in the case of using imported software and other commercial software, and cannot fully control all aspects of software development, it is necessary to conduct in-depth analysis and analysis of the security of software implementation. Strict evaluation is an important means to ensure the security of information systems, gray box testing is particularly important
[0006] In the process of dynamic vulnerability mining for binary programs, the most commonly used methods are white-box testing and black-box testing. The defects detected by white-box testing may not be triggered during operation, while black-box testing has great blindness.
At the same time, a single method is often used in the testing process, which is inefficient and poorly targeted, and different vulnerabilities have different patterns, so it cannot be generalized for all types of vulnerabilities

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method
  • Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method
  • Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The specific implementation manners of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0035] Such as figure 1 As shown, the present invention adopts the task pipeline mechanism to clarify the cross-validation relationship and mutual data support capabilities between different vulnerability mining technologies and tools, and organize the core process of vulnerability mining according to the pipeline mode according to the specific vulnerability mode. Finally, three technologies of dynamic taint analysis, symbolic execution and fuzz testing are integrated, and an integrated system of dynamic vulnerability mining for binary programs is realized.

[0036] Functional structure of the present invention such as figure 2 As shown in , it presents the specific interaction and information transfer process among the system-integrated dynamic taint analysis technology, symbolic execution technology and fuzzing technology. ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a mode-based dynamic vulnerability discovery integrated system and a mode-based dynamic vulnerability discovery integrated method. The mode-based dynamic vulnerability discovery integrated system comprises a dynamic taint analysis module, a test case selection module, a restraint solving module and a management module. The mode-based dynamic vulnerability discovery integrated method comprises the following steps: firstly, transmitting a seed case to an application program, tracking the transmission of taint data in the program by use of the dynamic taint analysis module, then expressing a transmission track by use of symbols, thereby obtaining a symbolized taint transmission path by virtue of combination of a dynamic taint analysis technology and a symbol execution technology; then by taking the symbolized taint transmission path as input of the restraint solving module, performing restraint solving to obtain a new test case, re-transmitting the test case to the application program, and further performing subsequent operations, wherein the whole process is performed under unified dispatching management of the management module. According to the mode-based dynamic vulnerability discovery integrated system and the mode-based dynamic vulnerability discovery integrated method, the automation degree and efficiency of dynamic vulnerability discovery for a binary program are improved, the generated test data accuracy and the efficiency are high, and thus a fuzzy test process is high in pertinency.

Description

technical field [0001] The invention relates to a dynamic vulnerability data mining integration system and method for binary programs, belonging to the fields of software engineering and information security. Background technique [0002] With the rapid development of information technology and the continuous progress of society, information is becoming more and more important to the development of modern society, and the resulting information security issues have also attracted more attention. As an important part of information security, network security is related to national security and social stability, and its importance has become increasingly prominent with the acceleration of global informatization. [0003] For a long time, software security vulnerabilities have been the main root cause of various network security. According to the investigation and analysis of the National Computer Virus Emergency Response Center, "unpatched network (system) security holes" are ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
Inventor 马恒太王雪飞吴晓慧景丽莎颜学雄
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products