摘要
软件漏洞是信息系统面临的主要安全威胁之一,设计和实现高性能、高检出率的二进制程序函数漏洞同源性判别系统,挖掘应用程序中已披露漏洞的同源漏洞,对于提升二进制程序的安全性具有重大意义.基于已有研究成果,设计并实现一套B/S(Browser/Server)架构的在线二进制程序函数漏洞同源性判别实验系统,支持主流同源判别方法.经测试,系统能够达到预期的功能和性能指标,有效完成漏洞同源性判别任务,对不同大小的文件均具有良好的处理能力,具有良好的兼容性和并发性.
Software vulnerability is one of the main security threats faced by information systems,and most of the software exists in binary form.Designing and implementing a high-performance and high detection rate binary program function vulnerability homology discrimination system and mining the homologous vulnerabilities of the disclosed vulnerabilities in applications are of great significance to improve the security of binary programs.Based on the above research results of binary program function vulnerability homology discrimination,this paper designs and implements an online binary program function vulnerability homology discrimination experimental system based on B/S(Browser/Server)architecture,which supports the above mainstream homology discrimination methods and the functions of ELF format binary file upload,vulnerability homology discrimination,visual display of discrimination results and historical query.After testing,the system can achieve the expected function and performance indicators,effectively complete the task of identifying vulnerability homology,have good processing ability for files of different sizes,and have good compatibility and concurrency.
作者
陈亮
李嘉伟
韩明璐
CHEN Liang;LI Jiawei;HAN Minglu(Beijing Branch of National Computer Network Emergency Technology Processing and Coordination Center,Beijin g 100056,China;School of Information and Electronics,Beijing University of Technology,Beijing 100081,China)
出处
《辽宁师范大学学报(自然科学版)》
CAS
2022年第3期328-335,共8页
Journal of Liaoning Normal University:Natural Science Edition
基金
国家242安全计划项目(2020A065)。
关键词
漏洞同源性判别
二进制程序
高维特征向量
vulnerability homology discrimination
binary program
high dimensional feature vector
