摘要
针对二进制程序漏洞检测误报率高、路径覆盖率低等问题,本文提出了一个基于机器学习的动静结合的二进制漏洞检测方法,借助动态二进制插桩工具Pin获取程序的静态特征和动态特征,通过程序切片和训练好的词向量模型转换成模型的输入向量,再结合机器学习算法检测二进制程序是否有内存泄漏、内存溢出或内存访问越界的漏洞,并定位到出现漏洞的位置。实验证明,该方法能够有效的对二进制程序进行漏洞检测和定位。与现有的二进制漏洞检测技术相比,该方法检测准确率高、漏洞定位准确且自动化程度较高。
With the development of the Internet in recent years and the prevalence of network attacks,detect-ing and fixing software vulnerabilities has become an important task.Since most of the software source pro-grams are closed,developers can only obtain the binary code of the software,so it is necessary to conduct re-search on binary code vulnerability detection.This paper proposes a binary vulnerability detection method based on the combination of dynamic and static based on machine learning.It uses the dynamic binary instru-mentation tool Pin to obtain the static and dynamic features of the program,and converts it into the input vec-tor of the model through the slice and the trained word vector model,and then combines the machine learning algorithm detects whether the binary program has memory leaks,memory overflows,or memory access out-of-bounds vulnerabilities,and locates the location of the vulnerabilities.Experiments have proved that this method can effectively detect and locate vulnerabilities in binary programs.
作者
蔡昊君
牛少彰
CAI Hao-jun;NIU Shao-zhang(School of Computer Science,Beijing University of Posts and Telecommunications,Beijing 100876,China)
出处
《新一代信息技术》
2021年第20期1-10,共10页
New Generation of Information Technology
基金
国家自然科学基金资助项目(项目编号:U1536121,61370195)。
关键词
计算机软件与理论
二进制代码
PIN
切片
机器学习
动静结合
computer software and theory
binary code
Pin
slice
machine learning
dynamic and static combination
