%A ZHENG Jian-yun, PANG Jian-min, ZHOU Xin, WANG Jun %T Enhanced Binary Vulnerability Mining Based on Constraint Derivation %0 Journal Article %D 2021 %J Computer Science %R 10.11896/jsjkx.200700047 %P 320-326 %V 48 %N 3 %U {https://www.jsjkx.com/CN/abstract/article_19798.shtml} %8 2021-03-15 %X In recent years,using software similarity methods to mine the homologous vulnerabilities has been proved to be effective,but the existing methods still have some shortcomings in accuracy.Based on the existing software similarity methods,this paper proposes an enhanced similarity method based on constraint derivation.This method uses code normalizationand standardization to reduce the compilation noise,so that the decompiled code representations of homologous programs tend to be the same under different compilation conditions.By using the backward slicing technique,it extracts the constraint derivation of vulnerability function and vulnerability patch function.By comparing the similarity of two constraint derivations,the patch function that is easily misjudged as vulnerability function is filtered out,so as to reduce false positives of vulnerability miningresults.We implement a prototype called VulFind.Experimental results show that VulFind caneffectivelyimprove the accuracy of software similarity analysis and vulnerability mining results.