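Computer Science ›› 2017, Vol. 44 ›› Issue (4): 109-113. doi: 10.11896/j.issn.1002-137X.2017.04.024

• NASAC 2015 •

Detection Approach for Security Vulnerability Based on Pattern Matching

MIAO Xu-dong, WANG Yong-chun, CAO Xing-chen and FANG Feng

  1. Institute of Operational Software and Simulation, Dalian Naval Academy, Dalian 116018; Institute of Operational Software and Simulation, Dalian Naval Academy, Dalian 116018; School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074; School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074
  • Online: 2018-11-13 Published: 2018-11-13
  • Supported by:
    This work was supported by the Natural Science Foundation of Hubei Province (2014CFB1006) and the Independent Innovation Fund of Huazhong University of Science and Technology (2015QN062).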

Abstract: Most existing static vulnerability detection tools cannot flexibly detect the vulnerabilities that users care about. To address this, this paper proposes a vulnerability detection method based on pattern matching. First, the source code of the program under test is parsed and transformed into an intermediate representation, which is stored in a user-defined data structure. Then, vulnerabilities are described in a security rule language, and the security rules are parsed and converted into corresponding automaton models held in memory. Finally, the intermediate representation of the source code is pattern-matched against the security rules while the state transitions of the automata are tracked, and a vulnerability report is submitted to the user according to the automaton states. Experimental results show that the method has a low false-negative rate and good extensibility.

Key words: Security rules, Pattern matching, Vulnerability detection, Static analysis
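The three steps in the abstract, sketched as an added example that is not code from the paper: a heap-usage rule is written as a finite-state automaton and matched against a constructed intermediate representation. The rule format (`HEAP_RULE`), the `Stmt` tuples and the `match` function are assumptions made for illustration, and the sketch handles straight-line code only (no branches or aliasing).

```python
# Added illustration: the rule format, IR tuples and names here are assumptions,
# not the rule language or data structures of the paper.
from collections import namedtuple

Stmt = namedtuple("Stmt", "line op var")   # one IR statement: an operation on a variable

# Security rule as a finite-state automaton: (state, op) -> next state.
# States prefixed "ERR_" are error states; "at_exit" lists states illegal at function end.
HEAP_RULE = {
    "start": "unknown",
    "transitions": {
        ("unknown", "malloc"): "allocated",
        ("allocated", "deref"): "allocated",
        ("allocated", "free"): "freed",
        ("freed", "malloc"): "allocated",
        ("freed", "deref"): "ERR_use_after_free",
        ("freed", "free"): "ERR_double_free",
    },
    "at_exit": {"allocated": "ERR_memory_leak"},
}

def match(rule, ir):
    """Run one automaton instance per variable over the IR; return (line, var, finding)."""
    state, findings, last_line = {}, [], 0
    for stmt in ir:
        last_line = stmt.line
        cur = state.get(stmt.var, rule["start"])
        nxt = rule["transitions"].get((cur, stmt.op), cur)  # unmatched ops keep the state
        if nxt.startswith("ERR_"):
            findings.append((stmt.line, stmt.var, nxt[4:]))
            nxt = cur                      # report, then keep tracking from the prior state
        state[stmt.var] = nxt
    for var, cur in sorted(state.items()):  # end-of-function check on each automaton
        if cur in rule["at_exit"]:
            findings.append((last_line, var, rule["at_exit"][cur][4:]))
    return findings

# Constructed IR for a small C function (sample input, not taken from the paper).
SAMPLE_IR = [
    Stmt(3, "malloc", "buf"), Stmt(4, "malloc", "tmp"), Stmt(5, "deref", "buf"),
    Stmt(6, "free", "buf"), Stmt(7, "deref", "buf"), Stmt(8, "free", "buf"),
    Stmt(9, "deref", "tmp"),
]

if __name__ == "__main__":
    for line, var, finding in match(HEAP_RULE, SAMPLE_IR):
        print(f"line {line}: {var}: {finding}")
```

Checking for a different vulnerability class means supplying another transition table; the matcher itself stays unchanged.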

