CN102567200A - Parallelization security hole detecting method based on function call graph - Google Patents
Parallelization security hole detecting method based on function call graph Download PDFInfo
- Publication number
- CN102567200A CN102567200A CN2011104171053A CN201110417105A CN102567200A CN 102567200 A CN102567200 A CN 102567200A CN 2011104171053 A CN2011104171053 A CN 2011104171053A CN 201110417105 A CN201110417105 A CN 201110417105A CN 102567200 A CN102567200 A CN 102567200A
- Authority
- CN
- China
- Prior art keywords
- function
- detection
- module
- call graph
- detected
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Stored Programmes (AREA)
- Debugging And Monitoring (AREA)
Abstract
本发明涉及一种基于函数调用图的并行化安全漏洞检测方法。本发明通过分析C语言模块里的函数调用关系确定要检测的函数集合,利用预处理技术对其进行插装和assert断言分析,再使用模型检测和并行化技术来检测程序的安全漏洞。主要内容包括:生成函数关系调用图,通过对其分析来确定所要检测的C函数信息;利用约束分析技术对C程序源代码中涉及到得缓冲区属性信息进行提取,并利用缓冲区属性信息在变量声明、赋值、函数调用点插入相应的ASSERT语句信息;对插装后的代码作为进行可达性判定,分析程序中的危险点是否存在一条可达性路径来发现源代码中的安全漏洞。本发明结合约束分析的静态检测技术和模型检测以及并行化技术实现对缓冲区溢出等安全漏洞的检测,并且检测精度比一般的静态检测技术要高。
The invention relates to a method for detecting parallel security loopholes based on a function call graph. The invention determines the function set to be detected by analyzing the function calling relationship in the C language module, uses the preprocessing technology to insert and assert the analysis, and then uses the model detection and parallelization technology to detect the safety loophole of the program. The main content includes: generating function relationship call graph, and determining the C function information to be detected by analyzing it; using constraint analysis technology to extract the buffer attribute information involved in the C program source code, and using the buffer attribute information in the Insert corresponding ASSERT statement information at variable declarations, assignments, and function call points; make an accessibility judgment on the inserted code, and analyze whether there is an accessibility path for dangerous points in the program to find security holes in the source code. The invention combines the static detection technology of constraint analysis, model detection and parallelization technology to realize the detection of buffer overflow and other safety loopholes, and the detection accuracy is higher than that of general static detection technology.
Description
Technical field:
The present invention relates to a kind of parallel detecting method of source code leak.
Background technology:
Along with the development of infotech, computer software has been penetrated in the every field of national economy, and closely bound up with people's productive life.The safety problem of software also more and more highlights its importance, and in a single day some critical softwares are destroyed, and will cause professional and even nationwide paralysis.The user of malice can be directed against the mistake of specific software, thereby the operation malice codes obtains visiting the authority of invalid data.Buffer-overflow vulnerability is topmost a kind of in present this type security breaches.The user of malice can be through the input data layout of routine analyzer; And confirm that these deposit data are in the buffer zone of program; The user just might be through special input data like this; The sensitive data of stack space is override, special the return address of preserving is replaced with the address of the unused code of user oneself definition, like this disabled user just can the control program flow process, the execution illegal operation.
The leak of software can detect through static method and dynamic approach.Static method is divided into general static detection method and based on the formalization verification method of categorical theory, the first kind mainly is based on the leak that possibly exist in the method inspection code of process analysis; Second class methods then are the basis with formal logic, automaton theory, and whether proving program has certain character.The method of process analysis can not be carried out exhaustive to all states of program; Therefore degree of accuracy is not good enough; Model detects and can carry out exhaustive to the state of all programs; Yet in order to verify the character of a short and small program, need the program state possibility of search just very huge, the method that therefore pure model detects can not be carried out Hole Detection effectively.More effective a kind of model checking method is based on the software model detection method of abstract-checking-refinement example at present; The representative instrument is the Blast of University of California Berkeley's development; This method can suitably be ignored and the incoherent code of security breaches attribute, thereby has simplified whole verification process.This not only can increase detected leak number but also can reduce rate of false alarm, improves accuracy of detection.Different with static detection method is; Dynamic detection technology is to the not restriction of scale of program; Can detect large program, yet significantly deficiency is the dependence of dynamic detection technology to input, has only when specific input makes program implement dangerous point; Leak just can come to light, thereby causes rate of false alarm higher.
Simple model checking method is the direct leak of trace routine generally, such as Blast once by means of the quoted problem of null pointer in the Securd trace routine, but can not detect the security of more complicated buffer zone operation.In addition, when detecting extensive program, model checking method can produce state space blast problem.
Summary of the invention:
The technical matters that the present invention will solve is: can produce state space blast problem to model checking method; The method that proposes a kind of parallelization model detection comes buffer-overflow vulnerability is verified; This method can be applied in large-scale program and the embedded OS module practically at present, and has the advantage that reduces state space, low rate of false alarm.
The technical scheme that the present invention adopts is: based on the parallelization security flaw detection method of function call figure; It is characterized in that: through analyzing the function calling relationship generating function calling graph of program to be detected; Find out the leaf node function in the calling graph tree; Restart parallelisation procedure, utilize model checking tools to accomplish detection simultaneously, thereby judge and analyze security breaches and cause the path the leaf node function.
The present invention adopts the parallel optimization method based on function and multithreading.At first, utilize register transfer language (RTL) specificity analysis of GCC to go out the function calling relationship in each file in the module to be detected simultaneously to the multifile module of input, at this moment, generating function concerns calling graph.Then, the funtcional relationship calling graph is analyzed, finding in-degree is zero function node (leaf node).At last, the file that leaf node is belonged to carries out pre-service, starts multithreading and also utilizes model checking tools BLAST to carry out the accessibility checking through pretreated file.
Whole function call figure mainly divides following several sections:
(1) calling graph generation module, this module is accomplished the function calling relationship map generalization, through generating the function calls graph of a relation of file module to be detected, can begin to analyze and detect from the bottom function easily, also can dispatch whole testing process easily;
(2) analyze scheduler module; The task of this module is the whole testing process of scheduling on the basis of calling graph; Because the independence between module file, the function that calls subtree from difference generally has less correlativity or does not have correlativity, can be conveniently this type of function be carried out parallel detection;
(3) pre-processing module; This module has been set up the constraint Analysis mechanism of a cover to buffer-overflow vulnerability, for buffer zone increases attribute length information mainly in the enterprising row constraint analysis of the abstract syntax tree of GCC; Different buffer zone action statement generates corresponding to different attribute constraints; The process of completion code plug-in mounting is analyzed then and is asserted the distribution situation of assert, for the model detection module provides the basis;
(4) detection module, this module testing tool BLAST that uses a model accomplishes the file after handling through pre-processing module, and detection system starts multithreading and detects simultaneously.
Detecting based on the model of function and multi-threaded parallelization finally is a kind ofly to verify whether given system satisfies the technology of specific character.A given property description that system to be detected is relevant with system; Execution through the model detection algorithm; Algorithm can prove whether this system satisfies given character, if system does not satisfy given character, system can provide the error reporting that comprises counter-example with; Thereby detect security breaches, so the security breaches problem successfully has been converted into the Reachability question to error label ERROR.
Description of drawings:
The structure diagram that Fig. 1 implements for the inventive method;
Fig. 2 is the main algorithm of calling graph generation module
Fig. 3 is for analyzing the main algorithm of scheduler module
Fig. 4 is before the plug-in mounting and the contrast between the code behind the plug-in mounting, and what underscore marked among Fig. 4 b is the plug-in mounting code
Fig. 5 is the main algorithm of pre-processing module
Fig. 6 result that to be Blast detect the attribute restricted model, file path shown in the figure can show the Actual path of leak, makes things convenient for that the program personnel are manual to search and confirm.
Embodiment:
The present invention utilizes static analysis, concerns function calls relation in the method tracing program of calling graph through generating function, for analyzing scheduler module corresponding scheduling information is provided; Then; On this basis, the file of required plug-in mounting is handled through pre-processing module, last, realize that through detection module parallel model detects; To realize check and analysis, guaranteed accurate detection to the source code leak for the security breaches problem.Structural drawing such as Fig. 1.
1. calling graph generation module
At first this module generates the function calling relationship figure of software to be detected, and it can begin to analyze and detect from the bottom function easily, also can dispatch whole testing process easily.
In the process that realizes, we have utilized the characteristic of the register transfer language (RTL) of GCC.It is through in the frontal chromatography code of GCC, generating abstract syntax tree (AST), in the rear end of GCC, is compiled into the RTL language to AST as the transition that is compiled into final code.
Through analyzing the RTL file, we find function definition can in the RTL file, generate "; Function fun-name (fun-name) " format string; wherein fun-name is meant actual function name; when running into call function, and the RTL file can generate the RTL instruction of call, and regular expression provides general format and is " (call.* (fun-name) .*) "; wherein, fun-name is the function name of calling.Therefore, we obtain generating main algorithm such as Fig. 2 of calling graph part, and the main contents of algorithm are:
At first, utilize GCC to generate the RTL file, RTL analyzes to confirm the function calls relation, carries out information extraction in the RTL file each is capable then, if having satisfied "; Function " row of form; just note RTL file content represented function name and file name thereof; and to zone bit of this function setup, if the row of satisfied (call) form is arranged, just record the represented homophony of RTL fileinfo in another file with the function and the function that is called; preserve corresponding function information with this, think that analyzing scheduler module provides reference information.
2. analysis scheduler module
On the basis in a last step, accomplished the associative operation of funtcional relationship calling graph, the main task of analyzing scheduler module is to analyze calling graph, the whole testing process of scheduling on the basis of calling graph.Because the modularity characteristic of software to be detected, it is very little or do not have correlativity to call the functional dependence of subtree from difference, and therefore, through the analysis to the funtcional relationship calling graph, we can do parallel detection to some such functions.On the one hand, we have also considered the sensitivity transmission of interprocedual, and just the parameter of callee is handled the situation that can influence caller, with this, should begin from the function than bottom to detect; On the other hand, owing to be that bottom-up scheduling detects, and the function of bottom generally is distributed in the different module, and correlativity is smaller, so it is parallel relatively easy to realize.
In analyzing scheduling; The funtcional relationship calling graph that we at first analyze module information to be measured and are generated; Find out the leaf node that concerns in the calling graph, the mark function and the file thereof that need detect well dispatched testing tool at last these functions to be detected and file carried out parallel detection then.Thus, we have obtained analyzing main algorithm such as Fig. 3 of scheduler module, and the main contents of algorithm are:
At first, to the homophony function and the function that is called, a homophony function whenever calls a function in the function call figure each, and its out-degree count value adds at every turn be called once its in-degree count value of 1, one called function and adds 1; Then, search all out-degree count values in the module file and be 0 function, and be labeled as leaf node, join in the leaf node array; Secondly, the fileinfo that belongs to all leaf nodes and leaf node is archived to during specific leaf sets a file, and carries out Hole Detection conveniently to utilize model checking tools.
3. pre-processing module
The main completion code plug-in mounting of pre-processing module with assert the function of analyzing.Code instrumentation adopts syntax-directed method; In the enterprising row constraint analysis of the abstract syntax tree of GCC; Set up the constraint Analysis mechanism of a cover to buffer-overflow vulnerability, for buffer zone increases attribute length information, different buffer zone action statement generates corresponding to different attribute constraints.For describing whole constraint Analysis process; At first carry out abstract to the C language; The non-stream sensitivity of analytic process; Can the processing controls stream information, analyze the present invention and the C language syntax of being concerned about is carried out abstract for simplifying, comprise pointer variable, integer variable, function call, Memory Allocation and assignment statement.According to the abstract operation of these grammers, generates corresponding property and handle statement, and create-rule is to be provided by the xml configuration file that this document will directly instruct the foundation of buffer zone attribute model to buffer zone.The good code of Fig. 4 a plug-in mounting is the C language codes that can compile, like Fig. 4 b.Because the singularity that parallel model detects and the limitation of BLAST model checking tools, we have done corresponding change by the C language codes after to plug-in mounting, comment out promptly that to comprise the C language codes that assert asserts capable.Activating assert to be detected one by one when analyzing conveniently to assert asserts.
After pre-processing module is accomplished plug-in mounting to file, also need analyze and assert the distribution situation of assert, judge the function at assert place, the binding analysis scheduler module provides function name to be detected and filename, for the model detection module provides the basis.Assert and analyze in search assert, can analyze and write down the residing action scope of statement, thereby analyze function definition.The specific algorithm of this pre-processing module such as Fig. 5, the main contents of algorithm are:
At first, for all leaf nodes, read out the C language file at leaf node place line by line; When tracking the leaf node function, correspondingly do a sign, if dangerous point function in the leaf node; The assert that is plug-in mounting asserts; Activate this to be detected asserting so, and be saved in it in the corresponding file, carry out parallel detection to make things convenient for the model detection module.Then, in the leaf function, continue to search, assert, carry out according to top method so if find assert once more, otherwise, jump out leaf node, then reset sign, thereby continue to follow the trail of other the leaf node and the C language file at place thereof.
Assert through only comprising an activation in each file that obtains after the pre-processing module processing asserts; To make things convenient for model checking tools to detect; Simultaneously owing to correlativity between the leaf node is less relatively; So the method that we can launch multithreading detects the C language file of handling the back generation through pre-processing module.
4. detection module
The detection module testing tool BLAST that uses a model detects through pretreated C language file, and this module starts multithreading and detects simultaneously.Detection module carries out the accessibility checking to the function name of analyzing the scheduler module generation with asserting, the testing result that obtains is scheduler module processing by analysis also.
Blast is the model checking tools of analyzing between a control stream sensitivity and supporting process.People such as Thomas A.Henzinger exploitation by University of California.Blast has carried out accurate inspection to the null pointer misquotation of C language codes, and rate of false alarm is very low; Blast can carry out the approachability analysis of code in addition, and just whether determining program can begin to carry out and arrive certain appointed positions from entering the mouth out.
Use Blast that the attribute model of being set up in the last step is carried out approachability analysis.Attribute constraint for being generated in the attribute model changes the label (Fig. 4 b) that Blast need verify into through macro substitution, if this label can reach, shows that then there are security breaches in this place.Blast uses the method for counter-example guidance to carry out approachability analysis, can the execution route from program entry to this label be noted, and through can analyze the execution route that produces security breaches to path trace, makes things convenient for that the program personnel are manual to search and confirm.Fig. 6 illustrates resulting Hole Detection result, in this result, shows the position and the filename of leak path file, opens the specifying information that this document can be seen the leak path.
The main thought of detection module is exactly to carry out the accessibility checking with function entrance.Because it is that elementary cell is carried out that model detects with the function, with respect to the accessibility that begins from the main function, the number of times that calls the theorem prover inquiry can reduce relatively, and the searching route of checking also can shorten relatively.In addition, another the obvious benefit that detects based on function makes things convenient for parallel detection to handle exactly, begins from leaf node because model detects, and the correlativity between the leaf node function is less or do not have a correlativity.The parallel detection here is to adopt POSIX threads (being called for short Pthreads).Pthreads is that a cover is commonly used in the parallel storehouse of carrying out multiple programming on the multi-core platform, and it has made full use of the multinuclear resource on the machine.
Claims (5)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104171053A CN102567200A (en) | 2011-12-14 | 2011-12-14 | Parallelization security hole detecting method based on function call graph |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104171053A CN102567200A (en) | 2011-12-14 | 2011-12-14 | Parallelization security hole detecting method based on function call graph |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102567200A true CN102567200A (en) | 2012-07-11 |
Family
ID=46412667
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011104171053A Pending CN102567200A (en) | 2011-12-14 | 2011-12-14 | Parallelization security hole detecting method based on function call graph |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102567200A (en) |
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938040A (en) * | 2012-09-29 | 2013-02-20 | 中兴通讯股份有限公司 | Malicious Android application program detection method, system and device |
| CN103049701A (en) * | 2012-11-30 | 2013-04-17 | 南京翰海源信息技术有限公司 | Detecting system and method for shellcode based on memory searching |
| CN103365774A (en) * | 2013-08-22 | 2013-10-23 | 北京航空航天大学 | Transient error detection method based on function call relationship |
| CN103440196A (en) * | 2013-07-11 | 2013-12-11 | 大连交通大学 | Resource problem detection method for novel operation system |
| CN104504337A (en) * | 2014-12-31 | 2015-04-08 | 中国人民解放军理工大学 | Method for detecting malicious application disclosing Android data |
| CN105468508A (en) * | 2014-09-04 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Code testing method and apparatus |
| CN105589904A (en) * | 2014-12-11 | 2016-05-18 | 中国银联股份有限公司 | Bytecode comparison based influence backtracking analysis method and backtracking analysis device |
| CN105745647A (en) * | 2013-11-19 | 2016-07-06 | 谷歌公司 | Callpath finder |
| CN105955883A (en) * | 2016-04-27 | 2016-09-21 | 中国科学院软件研究所 | Single-machine multi-core parallel model checking method with high performance |
| CN106326103A (en) * | 2015-07-06 | 2017-01-11 | 阿里巴巴集团控股有限公司 | Method and apparatus used for detecting vulnerability of to-be-detected application |
| CN106339315A (en) * | 2016-08-19 | 2017-01-18 | 东软集团股份有限公司 | Defect positioning method and device |
| CN108170434A (en) * | 2017-12-26 | 2018-06-15 | 首都师范大学 | The parallel acquisition methods and device in dangerous path |
| CN108694329A (en) * | 2018-05-15 | 2018-10-23 | 中国科学院信息工程研究所 | A kind of mobile intelligent terminal security incident based on software and hardware combining is credible record system and method |
| CN109032918A (en) * | 2018-05-31 | 2018-12-18 | 长安大学 | A kind of sensing node program exception diagnostic method based on abnormal task function trace |
| CN109344611A (en) * | 2018-09-06 | 2019-02-15 | 平安普惠企业管理有限公司 | Access control method, terminal device and the medium of application |
| CN109711159A (en) * | 2018-11-26 | 2019-05-03 | 北京计算机技术及应用研究所 | A kind of IP kernel rtl code security flaw detection method based on information flow |
| CN110363004A (en) * | 2018-04-10 | 2019-10-22 | 腾讯科技(深圳)有限公司 | A kind of code vulnerabilities detection method, device, medium and equipment |
| CN110471662A (en) * | 2019-08-21 | 2019-11-19 | 北京百度网讯科技有限公司 | Program transformation method, device and equipment |
| CN110889574A (en) * | 2018-09-11 | 2020-03-17 | 富士通株式会社 | Uncertainty factor detection device, method and medium for smart contract |
| CN111738710A (en) * | 2020-07-23 | 2020-10-02 | 支付宝(杭州)信息技术有限公司 | Method and processor for resource deduction of execution of intelligent contract |
| CN112182572A (en) * | 2020-08-25 | 2021-01-05 | 通号城市轨道交通技术有限公司 | Urban rail interlocking software code static measurement method and system |
| CN112434305A (en) * | 2020-12-07 | 2021-03-02 | 北京中科微澜科技有限公司 | Patch-based vulnerability detection method and device, storage medium and electronic equipment |
| CN112527302A (en) * | 2019-09-19 | 2021-03-19 | 北京字节跳动网络技术有限公司 | Error detection method and device, terminal and storage medium |
| CN113221126A (en) * | 2021-05-31 | 2021-08-06 | 北京中科天齐信息技术有限公司 | TensorFlow program vulnerability detection method and device and electronic equipment |
| CN113971278A (en) * | 2020-07-24 | 2022-01-25 | 中移(苏州)软件技术有限公司 | A memory vulnerability detection method and its device, equipment and storage medium |
| CN114117426A (en) * | 2021-11-16 | 2022-03-01 | 中国人民解放军国防科技大学 | WEB application vulnerability detection method and system |
| CN115495369A (en) * | 2022-09-29 | 2022-12-20 | 中国电信股份有限公司 | Open source software security baseline detection method, device and system |
| CN116226673A (en) * | 2023-05-05 | 2023-06-06 | 中国人民解放军国防科技大学 | Training method of buffer region vulnerability recognition model, vulnerability detection method and device |
| CN117235746A (en) * | 2023-11-15 | 2023-12-15 | 深圳海云安网络安全技术有限公司 | Source code safety control platform based on multidimensional AST fusion detection |
| CN117951016A (en) * | 2024-01-23 | 2024-04-30 | 复旦大学 | An automated detection method for firmware update vulnerabilities of IoT devices |
| CN118885327A (en) * | 2024-07-16 | 2024-11-01 | 湖南快乐阳光互动娱乐传媒有限公司 | Data verification method, device, storage medium and electronic equipment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006031363A (en) * | 2004-07-15 | 2006-02-02 | Mitsubishi Research Institute Inc | Buffer overflow vulnerability detection program and buffer overflow vulnerability detection method |
| CN101571828A (en) * | 2009-06-11 | 2009-11-04 | 北京航空航天大学 | Method for detecting code security hole based on constraint analysis and model checking |
-
2011
- 2011-12-14 CN CN2011104171053A patent/CN102567200A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006031363A (en) * | 2004-07-15 | 2006-02-02 | Mitsubishi Research Institute Inc | Buffer overflow vulnerability detection program and buffer overflow vulnerability detection method |
| CN101571828A (en) * | 2009-06-11 | 2009-11-04 | 北京航空航天大学 | Method for detecting code security hole based on constraint analysis and model checking |
Non-Patent Citations (2)
| Title |
|---|
| GANG WANG等: "A Parallel Vulnerability Detection Framework via MPI", 《2011 INTERNATIONAL CONFERENCE ON MANAGEMENT AND SERVICE SCIENCE》 * |
| 邝宏斌等: "并行软件模型检测", 《计算机工程》 * |
Cited By (49)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938040A (en) * | 2012-09-29 | 2013-02-20 | 中兴通讯股份有限公司 | Malicious Android application program detection method, system and device |
| CN103049701A (en) * | 2012-11-30 | 2013-04-17 | 南京翰海源信息技术有限公司 | Detecting system and method for shellcode based on memory searching |
| CN103440196A (en) * | 2013-07-11 | 2013-12-11 | 大连交通大学 | Resource problem detection method for novel operation system |
| CN103440196B (en) * | 2013-07-11 | 2016-03-09 | 大连交通大学 | A kind of operating-system resources failure detecting method |
| CN103365774A (en) * | 2013-08-22 | 2013-10-23 | 北京航空航天大学 | Transient error detection method based on function call relationship |
| CN105745647A (en) * | 2013-11-19 | 2016-07-06 | 谷歌公司 | Callpath finder |
| CN105745647B (en) * | 2013-11-19 | 2019-06-04 | 谷歌有限责任公司 | Invoke pathfinder |
| CN105468508B (en) * | 2014-09-04 | 2018-07-03 | 阿里巴巴集团控股有限公司 | code detection method and device |
| CN105468508A (en) * | 2014-09-04 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Code testing method and apparatus |
| CN105589904A (en) * | 2014-12-11 | 2016-05-18 | 中国银联股份有限公司 | Bytecode comparison based influence backtracking analysis method and backtracking analysis device |
| CN105589904B (en) * | 2014-12-11 | 2018-11-27 | 中国银联股份有限公司 | The influence backtracking analysis method and backtracking analytical equipment compared based on bytecode |
| CN104504337A (en) * | 2014-12-31 | 2015-04-08 | 中国人民解放军理工大学 | Method for detecting malicious application disclosing Android data |
| CN106326103B (en) * | 2015-07-06 | 2019-01-04 | 阿里巴巴集团控股有限公司 | For detecting the method and device of the loophole of application to be detected |
| CN106326103A (en) * | 2015-07-06 | 2017-01-11 | 阿里巴巴集团控股有限公司 | Method and apparatus used for detecting vulnerability of to-be-detected application |
| CN105955883B (en) * | 2016-04-27 | 2018-08-03 | 中国科学院软件研究所 | A kind of high-performance single machine multi-core parallel concurrent model checking method |
| CN105955883A (en) * | 2016-04-27 | 2016-09-21 | 中国科学院软件研究所 | Single-machine multi-core parallel model checking method with high performance |
| CN106339315A (en) * | 2016-08-19 | 2017-01-18 | 东软集团股份有限公司 | Defect positioning method and device |
| CN106339315B (en) * | 2016-08-19 | 2019-03-22 | 东软集团股份有限公司 | Position the method and device of defect |
| CN108170434A (en) * | 2017-12-26 | 2018-06-15 | 首都师范大学 | The parallel acquisition methods and device in dangerous path |
| CN110363004A (en) * | 2018-04-10 | 2019-10-22 | 腾讯科技(深圳)有限公司 | A kind of code vulnerabilities detection method, device, medium and equipment |
| CN108694329A (en) * | 2018-05-15 | 2018-10-23 | 中国科学院信息工程研究所 | A kind of mobile intelligent terminal security incident based on software and hardware combining is credible record system and method |
| CN109032918A (en) * | 2018-05-31 | 2018-12-18 | 长安大学 | A kind of sensing node program exception diagnostic method based on abnormal task function trace |
| CN109032918B (en) * | 2018-05-31 | 2021-06-18 | 长安大学 | An abnormal diagnosis method of sensor node program based on abnormal task function trajectory |
| CN109344611A (en) * | 2018-09-06 | 2019-02-15 | 平安普惠企业管理有限公司 | Access control method, terminal device and the medium of application |
| CN109344611B (en) * | 2018-09-06 | 2024-02-27 | 天翼安全科技有限公司 | Application access control method, terminal equipment and medium |
| CN110889574A (en) * | 2018-09-11 | 2020-03-17 | 富士通株式会社 | Uncertainty factor detection device, method and medium for smart contract |
| CN109711159A (en) * | 2018-11-26 | 2019-05-03 | 北京计算机技术及应用研究所 | A kind of IP kernel rtl code security flaw detection method based on information flow |
| CN110471662A (en) * | 2019-08-21 | 2019-11-19 | 北京百度网讯科技有限公司 | Program transformation method, device and equipment |
| CN112527302A (en) * | 2019-09-19 | 2021-03-19 | 北京字节跳动网络技术有限公司 | Error detection method and device, terminal and storage medium |
| CN112527302B (en) * | 2019-09-19 | 2024-03-01 | 北京字节跳动网络技术有限公司 | Error detection method and device, terminal and storage medium |
| CN111738710A (en) * | 2020-07-23 | 2020-10-02 | 支付宝(杭州)信息技术有限公司 | Method and processor for resource deduction of execution of intelligent contract |
| CN111738710B (en) * | 2020-07-23 | 2020-12-01 | 支付宝(杭州)信息技术有限公司 | Method and processor for resource deduction of execution of intelligent contract |
| US11327756B2 (en) | 2020-07-23 | 2022-05-10 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and processors for performing resource deduction for execution of smart contract |
| CN113971278A (en) * | 2020-07-24 | 2022-01-25 | 中移(苏州)软件技术有限公司 | A memory vulnerability detection method and its device, equipment and storage medium |
| CN112182572B (en) * | 2020-08-25 | 2024-09-20 | 通号城市轨道交通技术有限公司 | Urban rail interlocking software code static measurement method and system |
| CN112182572A (en) * | 2020-08-25 | 2021-01-05 | 通号城市轨道交通技术有限公司 | Urban rail interlocking software code static measurement method and system |
| CN112434305B (en) * | 2020-12-07 | 2024-03-08 | 北京中科微澜科技有限公司 | Patch-based vulnerability detection method and device, storage medium and electronic equipment |
| CN112434305A (en) * | 2020-12-07 | 2021-03-02 | 北京中科微澜科技有限公司 | Patch-based vulnerability detection method and device, storage medium and electronic equipment |
| CN113221126A (en) * | 2021-05-31 | 2021-08-06 | 北京中科天齐信息技术有限公司 | TensorFlow program vulnerability detection method and device and electronic equipment |
| CN113221126B (en) * | 2021-05-31 | 2024-05-28 | 北京中科天齐信息技术有限公司 | A TensorFlow program vulnerability detection method, device and electronic device |
| CN114117426A (en) * | 2021-11-16 | 2022-03-01 | 中国人民解放军国防科技大学 | WEB application vulnerability detection method and system |
| CN115495369A (en) * | 2022-09-29 | 2022-12-20 | 中国电信股份有限公司 | Open source software security baseline detection method, device and system |
| CN116226673A (en) * | 2023-05-05 | 2023-06-06 | 中国人民解放军国防科技大学 | Training method of buffer region vulnerability recognition model, vulnerability detection method and device |
| CN116226673B (en) * | 2023-05-05 | 2023-07-07 | 中国人民解放军国防科技大学 | Training method for buffer vulnerability identification model, vulnerability detection method and device |
| CN117235746A (en) * | 2023-11-15 | 2023-12-15 | 深圳海云安网络安全技术有限公司 | Source code safety control platform based on multidimensional AST fusion detection |
| CN117235746B (en) * | 2023-11-15 | 2024-03-01 | 深圳海云安网络安全技术有限公司 | Source code safety control platform based on multidimensional AST fusion detection |
| CN117951016A (en) * | 2024-01-23 | 2024-04-30 | 复旦大学 | An automated detection method for firmware update vulnerabilities of IoT devices |
| CN118885327A (en) * | 2024-07-16 | 2024-11-01 | 湖南快乐阳光互动娱乐传媒有限公司 | Data verification method, device, storage medium and electronic equipment |
| CN118885327B (en) * | 2024-07-16 | 2025-12-16 | 湖南快乐阳光互动娱乐传媒有限公司 | Data verification method and device, storage medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102567200A (en) | Parallelization security hole detecting method based on function call graph | |
| Feist et al. | Slither: a static analysis framework for smart contracts | |
| Zheng et al. | D2a: A dataset built for ai-based vulnerability detection methods using differential analysis | |
| CN109992970B (en) | JAVA deserialization vulnerability detection system and method | |
| Hills et al. | An empirical study of PHP feature usage: a static analysis perspective | |
| Chen et al. | Coverage prediction for accelerating compiler testing | |
| Díaz et al. | Static analysis of source code security: Assessment of tools against SAMATE tests | |
| Droste et al. | MPI-checker: static analysis for MPI | |
| Jeong et al. | Utopia: Automatic generation of fuzz driver using unit tests | |
| CN105787367B (en) | A kind of the patch safety detecting method and system of software upgrading | |
| Nguyen et al. | Cross-language program slicing for dynamic web applications | |
| Chen et al. | Cati: Context-assisted type inference from stripped binaries | |
| Feldthaus et al. | Semi-automatic rename refactoring for JavaScript | |
| CN111475820A (en) | Binary vulnerability detection method and system based on executable program and storage medium | |
| CN101571828A (en) | Method for detecting code security hole based on constraint analysis and model checking | |
| CN102662825B (en) | Method for detecting memory leakage of heap operational program | |
| Huang et al. | Detecting sensitive data disclosure via bi-directional text correlation analysis | |
| Zhong et al. | An empirical study on API parameter rules | |
| CN110187988A (en) | Static function call graph construction method suitable for virtual functions and function pointers | |
| Cogumbreiro et al. | Checking data-race freedom of GPU kernels, compositionally | |
| Sonnekalb | Machine-learning supported vulnerability detection in source code | |
| Wang et al. | A systematic literature review on smart contract vulnerability detection by symbolic execution | |
| Deng et al. | Nestfuzz: Enhancing fuzzing with comprehensive understanding of input processing logic | |
| CN106295343A (en) | A kind of source code distributed detection system based on serializing intermediate representation and method | |
| Higo et al. | Enhancement of CRD-based clone tracking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120711 |