期刊文献+

基于结构特征的二进制代码安全缺陷分析模型 被引量:1

Analysis model of binary code security flaws based on structure characteristics
下载PDF
导出
摘要 针对现有方法检测复杂结构二进制代码安全缺陷的不足,提出新的分析模型,并给出其应用方法。首先以缺陷的源代码元素集合生成特征元素集合,抽取代码结构信息,构建分析模型。然后依据各类中间表示(IR,intermediate representation)语句的统计概率计算分析模型,查找满足特征模型的IR代码组,通过IR代码与二进制代码的转换关系,实现对二进制程序中代码安全缺陷的有效检测。分析模型可应用于二进制单线程程序和并行程序。实验结果表明,相对于现有方法,应用该分析模型能够更全面深入地检测出各类结构复杂的二进制代码安全缺陷,且准确率更高。 Aiming at the shortcomings of the existing methods to detect the security flaws that have complex structures, a new analysis model and its application method was proposed. First, analysis models based on key information of code structures extracted from path subsets of characteristic element sets that are generated by source code element sets of code security flaws were constructed. Then the analysis model according to the statistical probability of each kind of IR statement was calculated, and the IR code group which matched the feature model was found. Finally, through the translating relation between binary codes and IR codes, various code security flaws of binary program were found out. The analysis models can be applied to both common single-process binary programs and binary parallel programs. Experimental results show that compared with the existing methods, the application of the analysis model can be more comprehensive and in-depth in detecting various types of complex binary code security flaws with higher accuracy.
出处 《网络与信息安全学报》 2017年第9期31-39,共9页 Chinese Journal of Network and Information Security
基金 国家自然科学基金资助项目(No.61472429) 北京市自然科学基金资助项目(No.4122041)~~
关键词 二进制分析 分析模型 软件安全缺陷检测 缺陷代码识别 binary analysis, analysis model, soft-ware security detection, flaw code recognition
  • 相关文献

同被引文献6

引证文献1

二级引证文献4

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部