Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for generating POC (proof of concept) data

A technology for verifying data and concepts, applied in the field of generating proof-of-concept data, can solve the problem of low efficiency in constructing POC data, and achieve the effect of improving efficiency

Inactive Publication Date: 2017-11-14
ALIBABA GRP HLDG LTD
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Based on this, this application provides a method for automatically generating proof-of-concept data in vulnerability mining to solve the problem of low efficiency in constructing POC data in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for generating POC (proof of concept) data
  • Method and device for generating POC (proof of concept) data
  • Method and device for generating POC (proof of concept) data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0022] definition:

[0023] POC (Proof of concept, proof of concept): It can be an incomplete implementation of some ideas to prove its feasibility and demonstrate its principles. Its purpose is to verify some concepts or theories. In computer security jargon, proof of concept is often used as an alias for exploit. (Usually refers to an exploit that does not take full advantage of this vulnerability).

[0024] POC data: It can be an input data or process that can trigger or cause ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method and a device for generating POC (proof of concept) data. The method comprises the steps of acquiring an invoking path of a loophole code segment in a target program according to the loophole code segment which has a loophole in the codes of the target program; testing the target program according to the invoking path and input data; acquiring the corresponding input data when the target program has an abnormity, and taking the corresponding input data as the POC data. By adopting the embodiment of the invention, the POC data can be quickly constructed.

Description

technical field [0001] The present application relates to the field of testing, in particular to a method and system for generating proof-of-concept data in code audit-based vulnerability mining. Background technique [0002] Vulnerability mining refers to the process of discovering the vulnerabilities in the code after the software code is compiled. Vulnerability mining can be achieved in many ways, and fuzzing is one of the common methods. Fuzz testing is a method of discovering software vulnerabilities by providing unexpected input to the target program and monitoring abnormal results. Through fuzz testing, proof-of-concept data (POC data) of the target program can be generated. Contents of the invention [0003] However, during the research process, the inventor found that even if the program code segment with security vulnerabilities is found in the existing technology, the POC data cannot be constructed effectively and quickly, because the call structure of most pro...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
Inventor 孙伟超
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com