期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于动态符号执行的二进制程序缺陷发现系统 被引量:4

Dynamic symbolic execution based defect detection system for binary programs
下载PDF
导出
摘要 以对二进制程序进行自动化缺陷发现为目标,基于软件虚拟机的动态二进制翻译机制和污点传播机制,对符号计算需要关注的程序运行时语义信息提取、中间语言符号计算等机制进行了研究,改进了传统动态符号执行的路径调度部分,分析了程序缺陷的符号断言表达形式,构建了一个在线式的动态符号执行系统检测二进制程序中的缺陷。实验验证了该方法在实际程序缺陷发现中的有效性。 Aiming towards automatic defect detection for binary programs, based on software virtual machine' s dynamic bina- ry translation and taint propagation, this paper studied mechanisms necessary for symbolic execution including program' s run- time semantics' extraction, intermediate language based symbolic calculation, enhanced the path-scheduling mechanism in traditional dynamic symbolic execution, analyzed symbolic asserts' expressions for common program defects, with an online dynamic symbolic execution system built up detecting defects in binary programs. Experiments prove the method' s effective- ness in defect detection for real binary programs.
作者 黄晖 陆余良 夏阳
机构地区 解放军电子工程学院网络系
出处 《计算机应用研究》 CSCD 北大核心 2013年第9期2810-2812,共3页 Application Research of Computers
关键词 语义提取 动态符号执行 路径调度 二进制程序缺陷发现 semantic extraction dynamic symbolic execution path scheduling defect detection for binary programs
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献11

  • 1CADAR C, DUNBAR D, ENGLER D. Klee:unassisted and automatic generation of high-coverage tests for complex systems programs[ C ]// Proc of the 8th Symposium on Operating Systems Design and Imple- mentation. San Diego : USENIX Association, 2008:209- 224.
  • 2GOLDFROID P, KLARUND N, SEN K. DART: directed automated random testing[ C]//Proc of Programming lamguage Design and Im- plementation. New York : ACM Press, 2005 : 213- 223.
  • 3GODEFROID P, LEVIN M Y. MOLNAR D A. Automated white box fl zzing[ C ]//Proc of Network Distributed Security Symposium. San Diego : The Internet S ciet , 2008 : 151 - 166.
  • 4SONG D, BRUMLEY D, Y1N Heng,et al. BitBlaze: a new approach to computer security via binary analysis [ C ]//Proc of the 4th Interna- tional Conference on Information Society Security. [ S. 1. ] : Springer- Verlag, 2008 : 1 - 25.
  • 5YIN Heng, SONG D. TEMU: binary code analysis via whole system layered annntation execution, Technical Report UCB/EECS- 2010- 3 [ R]. Berkeley: University of California,2010.
  • 6Vine [ EB/OL ]. [ 2012- 11 - 19 ]. http ://www. bitblaze, cs. ber-edu/ vine. html.
  • 7GANESH V, DILL D L. A decisiml prncedure for bit-vectors and re'- rays[ C ]//Proc of the 19th International Cor, ference on Computer Ai- ded Verification. Berlin:Springer-Verlag,2007:519-531.
  • 8WANG Xi, CHEN Hao-gang, JIA Zhi-hao,et al. hnproving integer security for systems[ C]//Proe of the lOth USEN1X Symposium on Operating Systems Design and Implmnentation. Berkeley : USENIX As- sociation,2012 : 163-177.
  • 9EAGLEC.IDAPm权威指南[M].石华耀,段桂菊,译.北京:人民邮电出版社,2007:77.96.
  • 10SAXENA P, POOSANKAM P, symbolic execution [ C ]//Proc Symposium on Software Testing 2009:225- 236.

同被引文献16

引证文献4

二级引证文献5

计算机应用研究
2013年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部