A program vulnerability mining method, device, terminal and storage medium

A vulnerability mining and program technology, applied in computer security devices, instruments, computing, etc., can solve the problems of complex implementation, easy to be ignored, and the existing technology cannot carry out in-depth and effective testing, so as to improve efficiency and quality, improve code The effect of safety and reliability

Active Publication Date: 2020-08-07
TENCENT TECH (BEIJING) CO LTD
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Most of the current vulnerability mining solutions are aimed at the analysis of user-level software, and a few solutions for the kernel layer are difficult to cover the graphics library program. The main reason is that the graphics library does not belong to the core of the system and is easy to be ignored. Complex, existing technology cannot conduct in-depth and effective testing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A program vulnerability mining method, device, terminal and storage medium
  • A program vulnerability mining method, device, terminal and storage medium
  • A program vulnerability mining method, device, terminal and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings. Apparently, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0045] Firstly, the nouns involved in the embodiments of the present invention are explained.

[0046] Scripting language: also known as extended language, or dynamic language, is a programming language used to control software application programs. Scripts are usually saved in text (such as ASCII) and interpreted or compiled only when called.

[0047] Graphics library: is a program library for rendering computer graphics on a display. A set o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a program vulnerability mining method, a device, a terminal and a storage medium. The method comprises steps: selecting corresponding policy templates according to test targets; generating test cases according to the policy template, wherein the generating test cases include generating interface test cases, generating data relationship test cases and generating data flow test cases; injecting the test case into the test target, testing the test target, and saving the log in the test process; generating a replication script according to the policy template and the log.The invention can accurately and effectively discover security holes in program codes, improve code security and reliability, and simultaneously improve the efficiency and quality of vulnerability mining.

Description

technical field [0001] The invention relates to the technical field of computer security, in particular to a program loophole mining method, device, terminal and storage medium. Background technique [0002] Vulnerabilities are the trigger points for switching from secure domains to non-secure domains, that is, defects in systems or software caused by poor design in the field of computer security, allowing attackers to access or destroy systems without authorization. Vulnerabilities are static, passive, but triggerable. Vulnerability mining refers to the exploration of unknown vulnerabilities, and the comprehensive application of various technologies and tools to find potential vulnerabilities in software as much as possible. [0003] Commonly used vulnerability mining techniques include two directions: user layer and kernel layer. The main target of existing user-level vulnerability mining technologies is widely used user software, such as web browsers, office software, a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 韩鸷桐陈楠
Owner TENCENT TECH (BEIJING) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap