摘要
为弥补当前软件漏洞自动检测系统无法对含堆溢出漏洞的程序进行自动检测的缺陷,提出一种Linux平台下面向堆溢出的fastbin攻击的自动检测方法。基于已有的fastbin攻击实例,利用fastbin攻击特征,建立fastbin攻击检测模型,并基于该模型给出一种fastbin攻击检测方法。运用污点分析和符号执行技术,通过监控符号数据到达漏洞触发点的关键信息构建路径约束以及触发fastbin攻击的数据约束,基于对约束的求解,判断程序是否存在fastbin攻击的可能,并生成测试用例。实验结果表明,面向堆溢出的fastbin攻击检测方法能够实现对fastbin攻击的准确检测。
The existing automatic detection systems for software vulnerabilities fail to automatically detect the programs with heap overflow vulnerabilities.To address the problem,this paper proposes an automatic detection method for heap overflow fastbin attacks on Linux platforms.Based on the fastbin attack examples,the characteristics of fastbin attacks are used to establish a detection model for fastbin attacks,and on this basis a detection method of fastbin attacks is proposed.The method uses the technique of stain analysis and symbolic execution to monitor the key information of symbol data reaching the vulnerability trigger point,and on this basis constructs path constraints and data constraints that trigger fastbin attacks.Based on the solution of constraints,the possibility of fastbin attacks in the program can be judged and test cases can be generated.Experimental results show that the proposed heap overflow fastbin attack detection method can effectively detect fastbin attacks.
作者
张超
潘祖烈
樊靖
ZHAO Chao;PAN Zulie;FAN Jing(College of Electronic Engineering,National University of Defense Technology,Hefei 230037,China;Beihai Fleet,Qingdao,Shandong 266000,China)
出处
《计算机工程》
CAS
CSCD
北大核心
2020年第10期151-158,共8页
Computer Engineering
基金
国家重点研发计划重点专项“网络空间安全”(2017YFB0802905)。
