
Automatic Construction of Software Input Data Based on Binary Patch Comparison (cited by: 2)

Automatic software input data construction based on evolve algorithm
Abstract: Based on the results of software binary patch comparison, a target-based fitness function model is proposed. The model evaluates all individuals in the same population, finds the excellent individuals and passes them down to the next generation, and generates individual input data that can reach, or nearly reach, the suspicious function. The algorithm does not require source code. Experimental results show that the algorithm simplifies the process by which reverse-engineering analysts construct malformed software input data and creates the conditions for quickly triggering the software's weak points.

Source: Computer Engineering and Design (《计算机工程与设计》), CSCD, PKU Core, 2010, Issue 14, pp. 3169-3173 (5 pages)

Funding: National Natural Science Foundation of China (60603017)

Keywords: software binary patch difference; function call graph; genetic (evolutionary) algorithm; fitness function; automatic software input data construction