软件漏洞自动化利用综述

Survey of Automatic Software Vulnerability Exploitation

近年来软件漏洞数目急剧增加,漏洞危害也引起业界广泛关注.准确、高效、快速地编写出漏洞利用代码是漏洞危害性评估和漏洞修复的关键.当前漏洞利用代码主要依赖人工手动分析编写,效率较低.因此,如何实现自动化的漏洞利用代码生成是该领域研究的热点和难点.综述分析了该领域近30年的代表性成果,首先将漏洞自动化利用过程分为典型的4个环节:漏洞根源定位、可达路径搜索、漏洞原语生成、利用代码生成.然后从人机边界、攻防博弈、共性技术3个角度对上述成果进行梳理,明确当前研究的重点、难点,以及取得的阶段性成果.最后从现有成果与技术实用化所面临的差距方面,论述当前研究存在的瓶颈问题、未来的发展趋势,以及下一步的研究重点.

In recent years,the number of software vulnerabilities has increased sharply and its harmfulness has aroused widespread concern in society.Compiling vulnerability utilization code accurately,efficiently and quickly is the key to vulnerability damage assessment and vulnerability repairment.At present,the vulnerability exploitation code mainly relies on manual analysis and writing,which is inefficient.Therefore,how to realize automatic vulnerability exploitation code generation(AEG)is a hotspot and difficulty in software security research field.In this paper,we analyze the representative achievements in this field in recent 30 years.Firstly,we divide the vulnerability automatic utilization process into four typical segments:vulnerability root location,reachable path search,vulnerability primitive generation and utilization code generation.After that we sort out and select the typical work of the above achievements from the three perspectives of human-machine boundary,attack and defense game,and common basic technology.And on this basis,we define the key points,difficulties and phased achievements of the current research.Finally,from the gap between the existing achievements and the practical application of automatic exploit generation,we discuss the bottleneck problems existing in the current research,the future development trend of AEG,and the next research points we should focus on.