摘要
漏洞的修复对于应用软件的安全至关重要。为了能够及时地修复所有已知漏洞,安全防护人员需要准确地检测一个安全补丁是否被应用。提出一个基于关键路径的语义层面的漏洞补丁存在性检测工具PatchChecker,通过找寻一条在漏洞修复前后发生改变的路径,分析其语义特征,生成能代表漏洞补丁的签名信息;利用这一签名信息,在目标程序中找出对应路径进行比较,判断漏洞补丁的应用情况。PatchChecker通过聚焦于单一路径,在提升对细节变化检测能力的同时,避免了未知代码修改带来的干扰。实验表明,PatchChecker能够以较高的准确率检测漏洞补丁是否被应用。
It is very important for the security of application software to fix the vulnerability.In order to fix all known vulnerabilities in time,security researchers need to accurately detect whether a security patch has been applied or not.This paper proposes a PatchChecker for vulnerability patch existence detection tool based on the critical path at the semantic level.Through finding a path that changed before and after the vulnerability repair,and analyzing its semantic characteristics,it would generate signature information that could represent the vulnerability patch.Then,we used this signature information to find out the corresponding path in the target program for comparison,and judged the application of vulnerability patches.By focusing on a single path,PatchChecker improved the ability to detect detail changes while avoiding interference caused by unknown code modifications.The experiments show that PatchChecker can detect whether the vulnerability patch is applied with high accuracy.
作者
文琪
江喆越
张源
Wen Qi;Jiang Zheyue;Zhang Yuan(Software School,Fudan University,Shanghai 201203,China)
出处
《计算机应用与软件》
北大核心
2020年第3期1-7,12,共8页
Computer Applications and Software
基金
国家自然科学基金项目(U1636204,61602123,U1836210,U1736208,U1836213,61602121)
国家重点基础研究发展计划项目(2015CB358800)
上海市青年科技英才扬帆计划项目(16YF1400800)。
关键词
漏洞
补丁
模糊测试
模拟执行
Vulnerability
Patch
Fuzz testing
Simulation execution
