Computer Science ›› 2018, Vol. 45 ›› Issue (11A): 325-329.

• Information Security •

Symbolic Execution Technology Based Defect Detection System for Network Programs

DENG Zhao-kun, LU Yu-liang, ZHU Kai-long, HUANG Hui   

  1. National University of Defense Technology, Hefei 230037, China
  • Online:2019-02-26 Published:2019-02-26

Abstract: Network software consists of a server and a client running on different physical nodes. Unlike ordinary binary programs, when network software is running, the server and client communicate and transmit data in real time, and the interaction between the two sides affects each side's execution, so analyzing only the server side often leads to errors or omissions in finding software vulnerabilities. This paper studied the state synchronization technology of the two endpoints and the process of introducing symbolic data, based on a software virtual machine with a dynamic binary translation mechanism and on selective symbolic execution technology. Through the key function hook method, the program execution process was monitored, the two-terminal state synchronization decision model was determined, and an automated network program vulnerability detection system was built. The experiment verified the effectiveness of the system in discovering vulnerabilities in actual network software. Finally, this system was tested by detecting the CVE vulnerabilities in the software, and the experiment results also proved the effectiveness of this system.

Key words: Function hooks, Network program, Selective symbol execution, State synchronization, Vulnerabilities detecting

CLC Number: TP311