Citation: | DENG Zhaokun, LU Yuliang, HUANG Zhao, et al. Network program vulnerability detection technology based on program modeling[J]. Journal of Beijing University of Aeronautics and Astronautics, 2019, 45(4): 796-803. doi: 10.13700/j.bh.1001-5965.2018.0436(in Chinese) |
By studying and analyzing the vulnerability detection method of network program, a vulnerability detection method based on program modeling was proposed, and this method is aimed at the binary network program vulnerability in the C/S structure. The method analyzes the network program architecture, extracts the key system functions in different types of network programs, and develops the program modeling and detection system execution module. The technique of selective symbolic execution is adopted for detection, the semantics of hook function and the operation of trigger are customized by means of function hooks, and the execution process of symbolic data and guiding symbol is introduced. Based on this technology, a network program vulnerability detection system is realized. This system can identify the target web application using the I/O model. According to the different types of target program, it can call the different detection modules and use selective symbolic execution technology to implement the automated vulnerability detection process. The experimental results show that, compared with the existing detection tools, the system is more targeted in the vulnerability detection of network programs with higher vulnerability detection rate and good scalability.
[1] |
高瑞, 周彩兰, 朱荣.网络应用程序漏洞挖掘技术研究[J].现代电子技术, 2018, 41(3):115-119. http://d.old.wanfangdata.com.cn/Periodical/xddzjs201803027
GAO R, ZHOU C L, ZHU R. Research on vulnerability mining technology of network application program[J].Modern Electronics Technique, 2018, 41(3):115-119(in Chinese). http://d.old.wanfangdata.com.cn/Periodical/xddzjs201803027
|
[2] |
刘红梅.基于C/S和B/S体系结构应用系统的开发方法[J].计算机与现代化, 2007(11):52-54. doi: 10.3969/j.issn.1006-2475.2007.11.019
LIU H M.Development of application system based on C/S and B/S architecture[J].Computer and Modernization, 2007(11):52-54(in Chinese). doi: 10.3969/j.issn.1006-2475.2007.11.019
|
[3] |
薛卫萍, 陈文生.基于C/S结构的即时通信系统的设计与实现[J].信息通信, 2015(3):113-114. doi: 10.3969/j.issn.1673-1131.2015.03.076
XUE W P, CHEN W S.Design and implementation of real-time communication system based on C/S structure[J].Information & Communications, 2015(3):113-114(in Chinese). doi: 10.3969/j.issn.1673-1131.2015.03.076
|
[4] |
洪学海, 朱彤.基于C/S体系结构应用系统的研究与开发[J].物探化探计算技术, 1999, 21(1):59-65. doi: 10.3969/j.issn.1001-1749.1999.01.011
HONG X H, ZHU T.Research and development of C/S architecture application system[J].Computer Techniques for Giophysical and Geochenical Explopation, 1999, 21(1):59-65(in Chinese). doi: 10.3969/j.issn.1001-1749.1999.01.011
|
[5] |
LI P, MA Z, YANG H, et al.Research and design of power quality account management system based on B/S architecture[J].Electrical Engineering, 2017(10):110-114.
|
[6] |
金海, 廖小飞.P2P技术原理及应用[J].中兴通讯技术, 2007, 13(6):1-5. doi: 10.3969/j.issn.1009-6868.2007.06.001
JIN H, LIAO X F.Pinciples and application of P2P technology[J].ZTE Communications, 2007, 13(6):1-5(in Chinese). doi: 10.3969/j.issn.1009-6868.2007.06.001
|
[7] |
伊玮珑.基于B/S结构的web漏洞检测系统的设计[D].哈尔滨: 哈尔滨理工大学, 2015.
YIN W L.Design of web vulnerabilities detection system based on browser/server structure[D].Harbin: Harbin University of Science & Technology, 2015(in Chinese).
|
[8] |
杨丁宁, 肖晖, 张玉清.基于Fuzzing的ActiveX控件漏洞挖掘技术研究[J].计算机研究与发展, 2012, 49(7):1525-1532. http://d.old.wanfangdata.com.cn/Periodical/jsjyjyfz201207016
YANG D N, XIAO H, ZHAN Y Q.Vulnerability detection in ActiveX controls based on Fuzzing technology[J].Journal of Computer Research and Development, 2012, 49(7):1525-1532(in Chinese). http://d.old.wanfangdata.com.cn/Periodical/jsjyjyfz201207016
|
[9] |
吴小伟.基于动态污点分析的网络程序漏洞挖掘方法[D].武汉: 华中科技大学, 2012.
WU X W.A network software vulnerabilities discovery method based on dynamic taint analysis[D].Wuhan: Huazhong University of Science and Technology, 2012(in Chinese).
|
[10] |
王江.基于QEMU的二进制程序离线动态污点分析方法研究[D].北京: 北京理工大学, 2016.
WANG J.Research on offline dynamic taint analysis of binary program based on QEMU[D].Beijing: Beijing Institute of Technology, 2016(in Chinese).
|
[11] |
冯震, 聂森, 王轶骏, 等.基于S2E的Use-After-Free漏洞检测方案[J].计算机应用与软件, 2016, 33(4):273-276. doi: 10.3969/j.issn.1000-386x.2016.04.064
FENG Z, NIE S, WANG Y J, et al.Use-After-Free vulnerabilities detection scheme based on S2E[J].Computer Applications and Software, 2016, 33(4):273-276(in Chinese). doi: 10.3969/j.issn.1000-386x.2016.04.064
|
[12] |
CHIPOUNOV V, KUZNETSOV V, CANDEA G.S2E:A platform for in-vivo multi-path analysis of software systems[J].ACM SIGPLAN Notices, 2011, 47(4):265-278. http://d.old.wanfangdata.com.cn/Periodical/xxwlaq201207004
|
[13] |
CHIPOUNOV V, GEORGESCU V, ZAMFIR C, et al.Selective symbolic execution[C]//The Workshop on Hot Topics in System Dependability, 2009: 1286-1299.
|
[14] |
CADAR C, SEN K.Symbolic execution for software testing:Three decades later[J].Communications of the ACM, 2013, 56(2):82-90. doi: 10.1145/2408776
|
[15] |
SONG J S, KIM H, PARK S.Enhancing conformance testing using symbolic execution for network protocols[J].IEEE Transactions on Reliability, 2015, 64(3):1024-1037. doi: 10.1109/TR.2015.2443392
|
[16] |
PISTOIA M, CHANDRA S, FINK S J, et al.A survey of static analysis methods for identifying security vulnerabilities in software systems[J].IBM Systems Journal, 2007, 46(2):265-288. doi: 10.1147/sj.462.0265
|