Research on Vulnerability Mining Techniques for Binary Applications
Keywords: binary vulnerability mining; dynamic instrumentation; taint analysis; smart fuzzing. Source: Beijing University of Posts and Telecommunications, master's thesis, 2013. Thesis type: degree thesis.
【Abstract】: With the development of information technology, computer software plays a key role in the economy, healthcare, national defence and every other field. Software security, a basic property of any information system, has therefore become an issue that affects the national economy and people's livelihoods. In recent years the major software vendors have adopted a "security development lifecycle" during product development, and developers' secure-coding awareness has improved markedly over earlier years; nevertheless, the steady growth in software complexity and code volume means that vulnerabilities cannot be eliminated entirely. This leaves attackers an opening: "advanced persistent threat" attacks that exploit software vulnerabilities occur one after another and place network security under serious threat. Discovering and patching software vulnerabilities early helps both to protect the personal information of Internet users and to safeguard national security, so software vulnerability mining has become one of the most closely watched topics in security research.

According to the object of study, vulnerability mining techniques fall into two categories: source-code-level detection for open-source software, and binary-level detection for closed-source software. Most software vendors, to protect their commercial interests and intellectual property, do not release the source code of their products to the developer or security research communities. Moreover, during compilation, improper compiler optimizations may turn source code into binary code that contains security defects. For these reasons, binary-oriented vulnerability mining is the mainstream direction of current research.

Compared with source-level detection, binary-level detection faces the following difficulties:
(1) Lack of information. Although a binary can be disassembled into assembly code, variable type information, data-structure information and the program's semantics are still missing. Indirect jumps and pointer aliasing in particular pose great challenges to binary-level detection.
(2) Complexity of the x86 instruction set. It contains many instruction types, different instructions take different numbers of operands, and a single instruction often affects several operands at once. This limits the precision of binary-level program analysis.

Around the topic of vulnerability mining in binary applications, this thesis studies the following problems in depth: (1) plug-in (Pintool) development on the PIN dynamic binary instrumentation platform; (2) PIN-based optimization of fuzzing test-case sets; (3) XML-based formal description of vulnerability patterns; (4) offline fine-grained taint analysis; (5) the design of a smart fuzzing system driven by taint analysis.
【Degree-granting institution】: Beijing University of Posts and Telecommunications
【Degree level】: Master
【Year granted】: 2013
【Classification number】: TP309
Article ID: 1460799
Link: http://www.sikaile.net/falvlunwen/zhishichanquanfa/1460799.html