Computer Science (计算机科学), 2018, Vol. 45, Issue 11A: 325-329.
邓兆琨, 陆余良, 朱凯龙, 黄晖
DENG Zhao-kun, LU Yu-liang, ZHU Kai-long, HUANG Hui
Abstract: A network program consists of a server side and a client side that run on different physical nodes. Unlike an ordinary binary program, the server and client of a network program communicate and exchange data in real time while running, and this interaction affects the execution of each side; analyzing the server-side program alone therefore often leads to missed or false vulnerability reports. Aiming at automated vulnerability detection for network programs, this paper first builds on the dynamic binary translation mechanism of a software virtual machine and on selective symbolic execution to study how symbolic data is introduced and how the states of the two ends of the program are kept synchronized during symbolic execution. It then monitors program execution by hooking key functions, establishes a decision model for two-end state synchronization, and constructs an automated vulnerability detection system for network programs. Experiments verify the effectiveness of the system in discovering vulnerabilities in real network programs, and trial detection of CVE vulnerabilities present in commercial software further demonstrates that the system generalizes.