基于结构特征的二进制代码安全缺陷分析模型

doi:10.11959/j.issn.2096-109x.2017.00200

Abstract

Abstract:

Aiming at the shortcomings of the existing methods to detect the security flaws that have complex structures,a new analysis model and its application method was proposed.First,analysis models based on key information of code structures extracted from path subsets of characteristic element sets that are generated by source code element sets of code security flaws were constructed.Then the analysis model according to the statistical probability of each kind of IR statement was calculated,and the IR code group which matched the feature model was found.Finally,through the translating relation between binary codes and IR codes,various code security flaws of binary program were found out.The analysis models can be applied to both common single-process binary programs and binary parallel programs.Experimental results show that compared with the existing methods,the application of the analysis model can be more comprehensive and in-depth in detecting various types of complex binary code security flaws with higher accuracy.

Key words: binary analysis, analysis model, software security detection, flaw code recognition

CLC Number:

TP309.5

Tuan XU,Lei-lei QU,Wen-chang SHI. Analysis model of binary code security flaws based on structure characteristics[J]. Chinese Journal of Network and Information Security, 2017, 3(9): 31-39.

Figures/Tables 7

References 17

[1]	LANDWEHR C E , BULL A R , MCDERMOTT J P ,et al. A taxonomy of computer program security flaws[J]. Computing Surveys , 1994,26(3): 211-254.
[2]	WEBER S , KARGER P A , PARADKAR A . A software flaw taxonomy:aiming tools at security[C]// The Workshop on Software Engineering for Secure Systems—Building Trustworthy Applications. 2005: 1-7.
[3]	HUI Z , HUANG S , REN Z ,et al. Review of software security defects taxonomy[C]// The 5th International Conference on Rough Set and Knowledge Technology,Lecture Notes in Computer Science. 2010: 310-321.
[4]	ZHANG B , FENG C , WU B ,et al. Detecting integer overflow in windows binary executables based on symbolic execution[C]// The 17th IEEE/ACIS International Conference on Software Engineering,Artificial Intelligence,Networking and Parallel/Distributed Computing. 2016: 385-390.
[5]	SIDIROGLOU-DOUSKOS S , LAHTINEN ERIC , RITTENHOUSE N ,et al. Targeted automatic integer overflow discovery using goal-directed conditional branch enforcement[C]// The Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems. 2015: 473-486.
[6]	YADEGARI B , STEPHENS J , DEBRAY S . Analysis of exception-based control transfers[C]// The Seventh ACM on Conference on Data and Application Security and Privacy. 2017: 205-216.
[7]	MING J , WU D , WANG J ,et al. StraightTaint:decoupled offline symbolic taint analysis[C]// The 31st IEEE/ACM International Conference on Automated Software Engineering. 2016: 308-319.
[8]	CHA S K , WOO M , BRUMLEY D . Program-adaptive mutational fuzzing[C]// The IEEE Symposium on Security and Privacy. 2015: 725-741.
[9]	PHAM V , B?HME M , ROYCHOUDHURY A . Model-based whitebox fuzzing for program binaries[C]// The 31st IEEE/ACM International Conference on Automated Software Engineering. 2016: 543-553.
[10]	The valgrind developers[EB/OL]. .
[11]	NETHERCOTE N , SEWARD J . Valgrind:a framework for heavyweight dynamic binary instrumentation[J]. ACM SIGPLAN Notices, 2007,42(6): 89-100.
[12]	[EB/OL]. .
[13]	HOLZMANN G J . The model checker SPIN[J]. IEEE Transactions on Software Engineering, 1997,23(5): 279-295.
[14]	BANG K , CHOI J , YOO C . Comments on “the model checker SPIN”[J]. IEEE Transactions on Software Engineering, 2001,27(6): 573-576.
[15]	BRéMOND-GRéGOIRE P , CHOI J , LEE I . A complete axiomatization of finite-state ACSR processes[J]. Information and Computation, 1997,138(2): 124-159.
[16]	The valgrind developers[EB/OL]. .
[17]	The valgrind developers[EB/OL]. .

Metrics

Recommended 0

No Suggested Reading articles found!

二进制程序	同步算法	算法缺陷
B₁	算法1	竞争条件
B₂	算法2	竞争条件
B₃	算法3	无

地址	指令
0804872B	mov ds:r_want,1
08048761	mov eax,state
08048766	cmp eax,1
08048769	jz shortloc_8048777
08048813	mov ds:r_want,0
08048826	mov state,1
08048735	mov state,0
080487FE	move ax,ds:r_want
08048803	test eax,eax
08048805	jz shortloc_8048848
0804881D	mov eax,state
08048822	test eax,eax
08048824	jnz shortloc_804883C

地址	指令
0804872B	mov ds:r_want,1
08048761	mov eax,state
08048766	cmp eax,1
08048769	jz shortloc_8048777
08048813	mov ds:r_want,0
0804883E	mov state,1
08048735	mov state,0
080487FE	move ax,ds:r_want
08048803	test eax,eax
08048805	jz shortloc_8048860
08048835	mov eax,state
0804883A	test eax,eax
0804883C	jnz shortloc_8048854

Analysis model of binary code security flaws based on structure characteristics

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 17

Related Articles 7

Metrics

Recommended 0

[1]	Jingcheng GUO,Hui SHU,Xiaobing XIONG,Fei KANG. Software protection technology based on code fragmentation [J]. Chinese Journal of Network and Information Security, 2020, 6(6): 57-68.
[2]	Fan CHAO,Zhi YANG,Xuehui DU,Yan SUN. Android malware detection method based on deep neural network [J]. Chinese Journal of Network and Information Security, 2020, 6(5): 67-79.
[3]	Jinhui TENG,Yan GUANG,Hui SHU,Bing ZHANG. Automatic detection method of software upgrade vulnerability based on network traffic analysis [J]. Chinese Journal of Network and Information Security, 2020, 6(1): 94-108.
[4]	Fanming LIU,Wei SHI. Blockchain-based ARP defense scheme [J]. Chinese Journal of Network and Information Security, 2018, 4(9): 36-43.
[5]	Da XIAO,Bohan LIU,Baojiang CUI,Xiaochen WANG,Suoxing ZHANG. Malware prediction technique based on program gene [J]. Chinese Journal of Network and Information Security, 2018, 4(8): 21-30.
[6]	Bo-wen SUN,Yan-yi HUANG,Qiao-kun WEN,Bin TIAN,Peng WU,Qi LI. Malware classification method based on static multiple-feature fusion [J]. Chinese Journal of Network and Information Security, 2017, 3(11): 68-76.
[7]	Ya-liang CHEN,Qin-yun DAI,Hai-yan WU,Zheng WEI. Research on the reverse analyses and monitoring data of Mirai malware botnet [J]. Chinese Journal of Network and Information Security, 2017, 3(8): 35-43.