| 二进制代码中整数型漏洞挖掘和利用技术 |
| |
| 引用本文: | 刘亮,彭帝,杨延峰,吴润浦. 二进制代码中整数型漏洞挖掘和利用技术[J]. 四川大学学报(工程科学版), 2012, 44(1): 123-126 |
| |
| 作者姓名: | 刘亮 彭帝 杨延峰 吴润浦 |
| |
| 作者单位: | 1. 四川大学信息安全研究所,四川成都,610064
2. 中国信息安全测评中心,北京,100085 |
| |
| 摘 要: | 通过对以往二进制挖掘模型的研究,提出了一种新的二进制代码整数型漏洞挖掘方法模型,该模型综合运用了Fuzzing、逆向工程和符号执行等相关技术。首先利用逆向分析锁定与整数漏洞相关的代码部分,获得数据相关类型操作,检测敏感函数,构建函数结构流图,确定整数漏洞相关的代码部分;其次通过对汇编代码的符号执行,获得代码的输入输出关系和路径约束条件,调整Fuzzing的输入,这些可以大大提高Fuzzing的路径覆盖和效率。本模型使得二进制整数型漏洞的挖掘准确性得到了一定程度的提高。
|
| 关 键 词: | 整数型漏洞;逆向工程;Fuzzing技术;符号执行;漏洞分析 |
| 收稿时间: | 2010-08-26 |
| 修稿时间: | 2011-09-29 |
Research on Integer Type Vulnerability Mining and Usage in Binary Code |
| |
| Liu Liang,Peng Di,Yang Yanfeng and Wu Runpu. Research on Integer Type Vulnerability Mining and Usage in Binary Code[J]. Journal of Sichuan University (Engineering Science Edition), 2012, 44(1): 123-126 |
| |
| Authors: | Liu Liang Peng Di Yang Yanfeng Wu Runpu |
| |
| Affiliation: | Inst. of Info. Security,Sichuan Univ.;Inst. of Info. Security,Sichuan Univ.;Inst. of Info. Security,Sichuan Univ.;China Info. Technol. Evaluation Center |
| |
| Abstract: | By researching the previous binary mining method,a new mining model based on fuzzing,reversing and symbolic execution technology was presented.This method used reversing analysis to locate integer vulnerabilities scope,obtain related data types by IDA disassembler and SDK development kit,detect safety-sensitive functions,build function control diagram,determine the related codes of potential integer vulnerabilities,and cover each code part related.The input and output relations were obtained by symbolic execution in assembly codes and adjusting the input for fuzzing.The proposed model greatly enhances the binary integer vulnerabilities mining accuracy and efficiency. |
| |
| Keywords: | integer vulnerability reversing engineering Fuzzing technology symbolic execution vulnerability analysis |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《四川大学学报(工程科学版)》浏览原始摘要信息 |
|
点击此处可从《四川大学学报(工程科学版)》下载全文 |
