Abstract
Static analysis of software vulnerabilities is a key research direction in information security, and how to describe vulnerabilities and how to discriminate them are the core problems of static vulnerability analysis. This paper proposes a static vulnerability detection model for describing and discriminating vulnerabilities. First, the attribute features of software vulnerabilities are formally defined, and several kinds of software vulnerabilities together with their discrimination rules are formally described. Second, to address the state-space explosion problem of traditional path analysis, a new program intermediate representation, the vulnerability executable path set, is proposed to compress the program state space. On the basis of this model, a static software vulnerability detection framework built on the vulnerability executable path set is designed: the defined vulnerability syntax rules are used to solve for the vulnerability-related node set on the vulnerability executable path set, and the vulnerability discrimination rules are then applied to that node set to produce a vulnerability report. Experimental analysis verifies the correctness and feasibility of the detection model.
Static analysis of source-oriented software vulnerabilities has been a research focus of information security in recent years. The core problem of static vulnerability detection is how to describe these vulnerabilities and how to detect them. We propose a static analysis model to describe and detect software vulnerabilities. Firstly, formal definition is used to describe the attributes of several common software vulnerabilities, and these vulnerabilities and their discrimination rules are formulated with a formal description. Secondly, a new program intermediate representation called the vulnerability executable path set is proposed to take the place of traditional path analysis, in order to reduce the program state space and avoid state explosion. Based on this model, we designed a static detection framework for software vulnerabilities that uses the vulnerability syntax rule to solve for the vulnerability-relation nodes on the vulnerability executable path set and detects vulnerabilities on those nodes with the vulnerability discrimination rules. The results show the correctness and feasibility of the static analysis model.
Source
《计算机科学》
CSCD
Peking University Core Journal
2016, Issue 5, pp. 80-86, 116 (8 pages in total)
Computer Science
Funding
Research on task-based identification of Trojan correlated behaviour (61272033)
Research on polymorphic clustering of mobile network behaviour and its evolution (61272405)
Research on fundamental theory and methods of cloud computing security (2014CB340600)
Keywords
Static analysis
Vulnerability detection
Formal description
State explosion
Intermediate representation