CN102567200A - Parallelization security hole detecting method based on function call graph - Google Patents
Parallelization security hole detecting method based on function call graph Download PDFInfo
- Publication number
- CN102567200A CN102567200A CN2011104171053A CN201110417105A CN102567200A CN 102567200 A CN102567200 A CN 102567200A CN 2011104171053 A CN2011104171053 A CN 2011104171053A CN 201110417105 A CN201110417105 A CN 201110417105A CN 102567200 A CN102567200 A CN 102567200A
- Authority
- CN
- China
- Prior art keywords
- function
- detected
- parallelization
- leaf node
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
Abstract
The invention relates to a parallelization security hole detecting method based on a function call graph, which is characterized in that a function set to be detected is determined by analyzing the function call relation in a C language module, instrumentation and assert analysis are performed for the function set by means of the preprocessing technology, and then security holes of a program are detected by the aid of model checking and the parallelization technology. The method mainly includes the steps: generating the function relation call graph, and determining C function information to be detected by analyzing the function relation call graph; extracting attribute information of a buffer area related to C program source codes by the aid of the constraint analysis technology, and inserting corresponding ASSERT statement information in a variable declaration, an assignment and a function call point by means of the attribute information of the buffer area; and performing accessibility judgment for the instrumented codes, and analyzing whether a dangerous point in the program includes an accessible path to discover the security holes in the source codes or not. The method detects the security holes such as buffer area overflow and the like by combining the constraint analysis static detecting technology, model checking and the parallelization technology, and the detecting precision of the method is higher than that of the general static detecting technology.
Description
Technical field:
The present invention relates to a kind of parallel detecting method of source code leak.
Background technology:
Along with the development of infotech, computer software has been penetrated in the every field of national economy, and closely bound up with people's productive life.The safety problem of software also more and more highlights its importance, and in a single day some critical softwares are destroyed, and will cause professional and even nationwide paralysis.The user of malice can be directed against the mistake of specific software, thereby the operation malice codes obtains visiting the authority of invalid data.Buffer-overflow vulnerability is topmost a kind of in present this type security breaches.The user of malice can be through the input data layout of routine analyzer; And confirm that these deposit data are in the buffer zone of program; The user just might be through special input data like this; The sensitive data of stack space is override, special the return address of preserving is replaced with the address of the unused code of user oneself definition, like this disabled user just can the control program flow process, the execution illegal operation.
The leak of software can detect through static method and dynamic approach.Static method is divided into general static detection method and based on the formalization verification method of categorical theory, the first kind mainly is based on the leak that possibly exist in the method inspection code of process analysis; Second class methods then are the basis with formal logic, automaton theory, and whether proving program has certain character.The method of process analysis can not be carried out exhaustive to all states of program; Therefore degree of accuracy is not good enough; Model detects and can carry out exhaustive to the state of all programs; Yet in order to verify the character of a short and small program, need the program state possibility of search just very huge, the method that therefore pure model detects can not be carried out Hole Detection effectively.More effective a kind of model checking method is based on the software model detection method of abstract-checking-refinement example at present; The representative instrument is the Blast of University of California Berkeley's development; This method can suitably be ignored and the incoherent code of security breaches attribute, thereby has simplified whole verification process.This not only can increase detected leak number but also can reduce rate of false alarm, improves accuracy of detection.Different with static detection method is; Dynamic detection technology is to the not restriction of scale of program; Can detect large program, yet significantly deficiency is the dependence of dynamic detection technology to input, has only when specific input makes program implement dangerous point; Leak just can come to light, thereby causes rate of false alarm higher.
Simple model checking method is the direct leak of trace routine generally, such as Blast once by means of the quoted problem of null pointer in the Securd trace routine, but can not detect the security of more complicated buffer zone operation.In addition, when detecting extensive program, model checking method can produce state space blast problem.
Summary of the invention:
The technical matters that the present invention will solve is: can produce state space blast problem to model checking method; The method that proposes a kind of parallelization model detection comes buffer-overflow vulnerability is verified; This method can be applied in large-scale program and the embedded OS module practically at present, and has the advantage that reduces state space, low rate of false alarm.
The technical scheme that the present invention adopts is: based on the parallelization security flaw detection method of function call figure; It is characterized in that: through analyzing the function calling relationship generating function calling graph of program to be detected; Find out the leaf node function in the calling graph tree; Restart parallelisation procedure, utilize model checking tools to accomplish detection simultaneously, thereby judge and analyze security breaches and cause the path the leaf node function.
The present invention adopts the parallel optimization method based on function and multithreading.At first, utilize register transfer language (RTL) specificity analysis of GCC to go out the function calling relationship in each file in the module to be detected simultaneously to the multifile module of input, at this moment, generating function concerns calling graph.Then, the funtcional relationship calling graph is analyzed, finding in-degree is zero function node (leaf node).At last, the file that leaf node is belonged to carries out pre-service, starts multithreading and also utilizes model checking tools BLAST to carry out the accessibility checking through pretreated file.
Whole function call figure mainly divides following several sections:
(1) calling graph generation module, this module is accomplished the function calling relationship map generalization, through generating the function calls graph of a relation of file module to be detected, can begin to analyze and detect from the bottom function easily, also can dispatch whole testing process easily;
(2) analyze scheduler module; The task of this module is the whole testing process of scheduling on the basis of calling graph; Because the independence between module file, the function that calls subtree from difference generally has less correlativity or does not have correlativity, can be conveniently this type of function be carried out parallel detection;
(3) pre-processing module; This module has been set up the constraint Analysis mechanism of a cover to buffer-overflow vulnerability, for buffer zone increases attribute length information mainly in the enterprising row constraint analysis of the abstract syntax tree of GCC; Different buffer zone action statement generates corresponding to different attribute constraints; The process of completion code plug-in mounting is analyzed then and is asserted the distribution situation of assert, for the model detection module provides the basis;
(4) detection module, this module testing tool BLAST that uses a model accomplishes the file after handling through pre-processing module, and detection system starts multithreading and detects simultaneously.
Detecting based on the model of function and multi-threaded parallelization finally is a kind ofly to verify whether given system satisfies the technology of specific character.A given property description that system to be detected is relevant with system; Execution through the model detection algorithm; Algorithm can prove whether this system satisfies given character, if system does not satisfy given character, system can provide the error reporting that comprises counter-example with; Thereby detect security breaches, so the security breaches problem successfully has been converted into the Reachability question to error label ERROR.
Description of drawings:
The structure diagram that Fig. 1 implements for the inventive method;
Fig. 2 is the main algorithm of calling graph generation module
Fig. 3 is for analyzing the main algorithm of scheduler module
Fig. 4 is before the plug-in mounting and the contrast between the code behind the plug-in mounting, and what underscore marked among Fig. 4 b is the plug-in mounting code
Fig. 5 is the main algorithm of pre-processing module
Fig. 6 result that to be Blast detect the attribute restricted model, file path shown in the figure can show the Actual path of leak, makes things convenient for that the program personnel are manual to search and confirm.
Embodiment:
The present invention utilizes static analysis, concerns function calls relation in the method tracing program of calling graph through generating function, for analyzing scheduler module corresponding scheduling information is provided; Then; On this basis, the file of required plug-in mounting is handled through pre-processing module, last, realize that through detection module parallel model detects; To realize check and analysis, guaranteed accurate detection to the source code leak for the security breaches problem.Structural drawing such as Fig. 1.
1. calling graph generation module
At first this module generates the function calling relationship figure of software to be detected, and it can begin to analyze and detect from the bottom function easily, also can dispatch whole testing process easily.
In the process that realizes, we have utilized the characteristic of the register transfer language (RTL) of GCC.It is through in the frontal chromatography code of GCC, generating abstract syntax tree (AST), in the rear end of GCC, is compiled into the RTL language to AST as the transition that is compiled into final code.
Through analyzing the RTL file, we find function definition can in the RTL file, generate "; Function fun-name (fun-name) " format string; wherein fun-name is meant actual function name; when running into call function, and the RTL file can generate the RTL instruction of call, and regular expression provides general format and is " (call.* (fun-name) .*) "; wherein, fun-name is the function name of calling.Therefore, we obtain generating main algorithm such as Fig. 2 of calling graph part, and the main contents of algorithm are:
At first, utilize GCC to generate the RTL file, RTL analyzes to confirm the function calls relation, carries out information extraction in the RTL file each is capable then, if having satisfied "; Function " row of form; just note RTL file content represented function name and file name thereof; and to zone bit of this function setup, if the row of satisfied (call) form is arranged, just record the represented homophony of RTL fileinfo in another file with the function and the function that is called; preserve corresponding function information with this, think that analyzing scheduler module provides reference information.
2. analysis scheduler module
On the basis in a last step, accomplished the associative operation of funtcional relationship calling graph, the main task of analyzing scheduler module is to analyze calling graph, the whole testing process of scheduling on the basis of calling graph.Because the modularity characteristic of software to be detected, it is very little or do not have correlativity to call the functional dependence of subtree from difference, and therefore, through the analysis to the funtcional relationship calling graph, we can do parallel detection to some such functions.On the one hand, we have also considered the sensitivity transmission of interprocedual, and just the parameter of callee is handled the situation that can influence caller, with this, should begin from the function than bottom to detect; On the other hand, owing to be that bottom-up scheduling detects, and the function of bottom generally is distributed in the different module, and correlativity is smaller, so it is parallel relatively easy to realize.
In analyzing scheduling; The funtcional relationship calling graph that we at first analyze module information to be measured and are generated; Find out the leaf node that concerns in the calling graph, the mark function and the file thereof that need detect well dispatched testing tool at last these functions to be detected and file carried out parallel detection then.Thus, we have obtained analyzing main algorithm such as Fig. 3 of scheduler module, and the main contents of algorithm are:
At first, to the homophony function and the function that is called, a homophony function whenever calls a function in the function call figure each, and its out-degree count value adds at every turn be called once its in-degree count value of 1, one called function and adds 1; Then, search all out-degree count values in the module file and be 0 function, and be labeled as leaf node, join in the leaf node array; Secondly, the fileinfo that belongs to all leaf nodes and leaf node is archived to during specific leaf sets a file, and carries out Hole Detection conveniently to utilize model checking tools.
3. pre-processing module
The main completion code plug-in mounting of pre-processing module with assert the function of analyzing.Code instrumentation adopts syntax-directed method; In the enterprising row constraint analysis of the abstract syntax tree of GCC; Set up the constraint Analysis mechanism of a cover to buffer-overflow vulnerability, for buffer zone increases attribute length information, different buffer zone action statement generates corresponding to different attribute constraints.For describing whole constraint Analysis process; At first carry out abstract to the C language; The non-stream sensitivity of analytic process; Can the processing controls stream information, analyze the present invention and the C language syntax of being concerned about is carried out abstract for simplifying, comprise pointer variable, integer variable, function call, Memory Allocation and assignment statement.According to the abstract operation of these grammers, generates corresponding property and handle statement, and create-rule is to be provided by the xml configuration file that this document will directly instruct the foundation of buffer zone attribute model to buffer zone.The good code of Fig. 4 a plug-in mounting is the C language codes that can compile, like Fig. 4 b.Because the singularity that parallel model detects and the limitation of BLAST model checking tools, we have done corresponding change by the C language codes after to plug-in mounting, comment out promptly that to comprise the C language codes that assert asserts capable.Activating assert to be detected one by one when analyzing conveniently to assert asserts.
After pre-processing module is accomplished plug-in mounting to file, also need analyze and assert the distribution situation of assert, judge the function at assert place, the binding analysis scheduler module provides function name to be detected and filename, for the model detection module provides the basis.Assert and analyze in search assert, can analyze and write down the residing action scope of statement, thereby analyze function definition.The specific algorithm of this pre-processing module such as Fig. 5, the main contents of algorithm are:
At first, for all leaf nodes, read out the C language file at leaf node place line by line; When tracking the leaf node function, correspondingly do a sign, if dangerous point function in the leaf node; The assert that is plug-in mounting asserts; Activate this to be detected asserting so, and be saved in it in the corresponding file, carry out parallel detection to make things convenient for the model detection module.Then, in the leaf function, continue to search, assert, carry out according to top method so if find assert once more, otherwise, jump out leaf node, then reset sign, thereby continue to follow the trail of other the leaf node and the C language file at place thereof.
Assert through only comprising an activation in each file that obtains after the pre-processing module processing asserts; To make things convenient for model checking tools to detect; Simultaneously owing to correlativity between the leaf node is less relatively; So the method that we can launch multithreading detects the C language file of handling the back generation through pre-processing module.
4. detection module
The detection module testing tool BLAST that uses a model detects through pretreated C language file, and this module starts multithreading and detects simultaneously.Detection module carries out the accessibility checking to the function name of analyzing the scheduler module generation with asserting, the testing result that obtains is scheduler module processing by analysis also.
Blast is the model checking tools of analyzing between a control stream sensitivity and supporting process.People such as Thomas A.Henzinger exploitation by University of California.Blast has carried out accurate inspection to the null pointer misquotation of C language codes, and rate of false alarm is very low; Blast can carry out the approachability analysis of code in addition, and just whether determining program can begin to carry out and arrive certain appointed positions from entering the mouth out.
Use Blast that the attribute model of being set up in the last step is carried out approachability analysis.Attribute constraint for being generated in the attribute model changes the label (Fig. 4 b) that Blast need verify into through macro substitution, if this label can reach, shows that then there are security breaches in this place.Blast uses the method for counter-example guidance to carry out approachability analysis, can the execution route from program entry to this label be noted, and through can analyze the execution route that produces security breaches to path trace, makes things convenient for that the program personnel are manual to search and confirm.Fig. 6 illustrates resulting Hole Detection result, in this result, shows the position and the filename of leak path file, opens the specifying information that this document can be seen the leak path.
The main thought of detection module is exactly to carry out the accessibility checking with function entrance.Because it is that elementary cell is carried out that model detects with the function, with respect to the accessibility that begins from the main function, the number of times that calls the theorem prover inquiry can reduce relatively, and the searching route of checking also can shorten relatively.In addition, another the obvious benefit that detects based on function makes things convenient for parallel detection to handle exactly, begins from leaf node because model detects, and the correlativity between the leaf node function is less or do not have a correlativity.The parallel detection here is to adopt POSIX threads (being called for short Pthreads).Pthreads is that a cover is commonly used in the parallel storehouse of carrying out multiple programming on the multi-core platform, and it has made full use of the multinuclear resource on the machine.
Claims (5)
1. based on the parallelization security flaw detection method of function call figure; It is characterized in that: to the blast of the state space in Hole Detection process problem; Through analyzing the characteristic of c program module to be detected; Call relation and generating function between the determination module inner function concern calling graph; Thereby find out-degree is zero function (leaf node) set and the C language file that belongs to thereof, and utilizes preconditioning technique to carry out code instrumentation then and analysis utilizes model checking tools that leaf node is carried out parallel detection at last with asserting.To leaf node detect finish after, from funtcional relationship calling graph deletion leaf node, search leaf node again, and the duplicated code plug-in mounting, assert and analyze and testing process, up to detecting complete funtcional relationship calling graph.
2. according to claim 1 based on modularity function call relation map generalization in the parallelization security flaw detection method of function call figure; It is characterized in that: the characteristic of utilizing GCC register transfer language (RTL); With the function is that unit confirms the function calls relation; Generating function concerns calling graph, notes the C language file at each function place simultaneously according to tracing process.
3. according to analyzing scheduler module in claim 1 and the 2 described parallelization security flaw detection methods based on function call figure; It is characterized in that: according to the content shown in the funtcional relationship calling graph; (it is a function that quilt defines in certain C language file in the C language module to be detected to find leaf node; It is called by other functions in the module to be detected; But itself also never calls other functions in any module to be detected), and the C language file at leaf node set and leaf node place left in the related data structure respectively.
4. according to claim 1 based on pre-processing module in the parallelization security flaw detection method of function call figure; It is characterized in that: through the compiler front-end analysis of standard; With quote to pointer, the definition of array, pointer, array visit and calling etc. of dangerous function all added the renewal of buffer zone attribute constraint and asserted information; Program flow can arrive error label if attribute assertion or attribute properties are false so; Thereby detect security breaches, comprise that each file all can compile in the C language file to be detected that assert asserts, and the assert to be detected that only comprises an activation asserts.
5. according to claim 1 based on parallel scheduler module in the parallelization security flaw detection method of function call figure; It is characterized in that: utilize model checking tools BLAST that pretreated C language file is detected; Because the correlativity of each leaf node is less or do not have a characteristic of correlativity; We use the parallelization technology that these files to be detected are carried out the model detection and have made full use of the multinuclear resource, can more fast and effeciently reach the effect of Hole Detection.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104171053A CN102567200A (en) | 2011-12-14 | 2011-12-14 | Parallelization security hole detecting method based on function call graph |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104171053A CN102567200A (en) | 2011-12-14 | 2011-12-14 | Parallelization security hole detecting method based on function call graph |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102567200A true CN102567200A (en) | 2012-07-11 |
Family
ID=46412667
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011104171053A Pending CN102567200A (en) | 2011-12-14 | 2011-12-14 | Parallelization security hole detecting method based on function call graph |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102567200A (en) |
Cited By (26)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938040A (en) * | 2012-09-29 | 2013-02-20 | 中兴通讯股份有限公司 | Malicious Android application program detection method, system and device |
| CN103049701A (en) * | 2012-11-30 | 2013-04-17 | 南京翰海源信息技术有限公司 | Detecting system and method for shellcode based on memory searching |
| CN103365774A (en) * | 2013-08-22 | 2013-10-23 | 北京航空航天大学 | Transient error detection method based on function call relationship |
| CN103440196A (en) * | 2013-07-11 | 2013-12-11 | 大连交通大学 | Resource problem detection method for novel operation system |
| CN104504337A (en) * | 2014-12-31 | 2015-04-08 | 中国人民解放军理工大学 | Method for detecting malicious application disclosing Android data |
| CN105468508A (en) * | 2014-09-04 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Code testing method and apparatus |
| CN105589904A (en) * | 2014-12-11 | 2016-05-18 | 中国银联股份有限公司 | Bytecode comparison based influence backtracking analysis method and backtracking analysis device |
| CN105745647A (en) * | 2013-11-19 | 2016-07-06 | 谷歌公司 | Callpath finder |
| CN105955883A (en) * | 2016-04-27 | 2016-09-21 | 中国科学院软件研究所 | Single-machine multi-core parallel model checking method with high performance |
| CN106326103A (en) * | 2015-07-06 | 2017-01-11 | 阿里巴巴集团控股有限公司 | Method and apparatus used for detecting vulnerability of to-be-detected application |
| CN106339315A (en) * | 2016-08-19 | 2017-01-18 | 东软集团股份有限公司 | Defect positioning method and device |
| CN108170434A (en) * | 2017-12-26 | 2018-06-15 | 首都师范大学 | The parallel acquisition methods and device in dangerous path |
| CN108694329A (en) * | 2018-05-15 | 2018-10-23 | 中国科学院信息工程研究所 | A kind of mobile intelligent terminal security incident based on software and hardware combining is credible record system and method |
| CN109032918A (en) * | 2018-05-31 | 2018-12-18 | 长安大学 | A kind of sensing node program exception diagnostic method based on abnormal task function trace |
| CN109344611A (en) * | 2018-09-06 | 2019-02-15 | 平安普惠企业管理有限公司 | Access control method, terminal device and the medium of application |
| CN109711159A (en) * | 2018-11-26 | 2019-05-03 | 北京计算机技术及应用研究所 | A kind of IP kernel rtl code security flaw detection method based on information flow |
| CN110363004A (en) * | 2018-04-10 | 2019-10-22 | 腾讯科技(深圳)有限公司 | A kind of code vulnerabilities detection method, device, medium and equipment |
| CN110471662A (en) * | 2019-08-21 | 2019-11-19 | 北京百度网讯科技有限公司 | Program transformation method, device and equipment |
| CN110889574A (en) * | 2018-09-11 | 2020-03-17 | 富士通株式会社 | Uncertainty factor detection device, method and medium for intelligent contract |
| CN111738710A (en) * | 2020-07-23 | 2020-10-02 | 支付宝(杭州)信息技术有限公司 | Method and processor for resource deduction of execution of intelligent contract |
| CN112434305A (en) * | 2020-12-07 | 2021-03-02 | 北京中科微澜科技有限公司 | Patch-based vulnerability detection method and device, storage medium and electronic equipment |
| CN112527302A (en) * | 2019-09-19 | 2021-03-19 | 北京字节跳动网络技术有限公司 | Error detection method and device, terminal and storage medium |
| CN113221126A (en) * | 2021-05-31 | 2021-08-06 | 北京中科天齐信息技术有限公司 | TensorFlow program vulnerability detection method and device and electronic equipment |
| CN114117426A (en) * | 2021-11-16 | 2022-03-01 | 中国人民解放军国防科技大学 | WEB application vulnerability detection method and system |
| CN116226673A (en) * | 2023-05-05 | 2023-06-06 | 中国人民解放军国防科技大学 | Training method of buffer region vulnerability recognition model, vulnerability detection method and device |
| CN117235746A (en) * | 2023-11-15 | 2023-12-15 | 深圳海云安网络安全技术有限公司 | Source code safety control platform based on multidimensional AST fusion detection |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006031363A (en) * | 2004-07-15 | 2006-02-02 | Mitsubishi Research Institute Inc | Buffer overflow vulnerability detection program and buffer overflow vulnerability detection method |
| CN101571828A (en) * | 2009-06-11 | 2009-11-04 | 北京航空航天大学 | Method for detecting code security hole based on constraint analysis and model checking |
-
2011
- 2011-12-14 CN CN2011104171053A patent/CN102567200A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006031363A (en) * | 2004-07-15 | 2006-02-02 | Mitsubishi Research Institute Inc | Buffer overflow vulnerability detection program and buffer overflow vulnerability detection method |
| CN101571828A (en) * | 2009-06-11 | 2009-11-04 | 北京航空航天大学 | Method for detecting code security hole based on constraint analysis and model checking |
Non-Patent Citations (2)
| Title |
|---|
| GANG WANG等: "A Parallel Vulnerability Detection Framework via MPI", 《2011 INTERNATIONAL CONFERENCE ON MANAGEMENT AND SERVICE SCIENCE》 * |
| 邝宏斌等: "并行软件模型检测", 《计算机工程》 * |
Cited By (41)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938040A (en) * | 2012-09-29 | 2013-02-20 | 中兴通讯股份有限公司 | Malicious Android application program detection method, system and device |
| CN103049701A (en) * | 2012-11-30 | 2013-04-17 | 南京翰海源信息技术有限公司 | Detecting system and method for shellcode based on memory searching |
| CN103440196B (en) * | 2013-07-11 | 2016-03-09 | 大连交通大学 | A kind of operating-system resources failure detecting method |
| CN103440196A (en) * | 2013-07-11 | 2013-12-11 | 大连交通大学 | Resource problem detection method for novel operation system |
| CN103365774A (en) * | 2013-08-22 | 2013-10-23 | 北京航空航天大学 | Transient error detection method based on function call relationship |
| CN105745647A (en) * | 2013-11-19 | 2016-07-06 | 谷歌公司 | Callpath finder |
| CN105745647B (en) * | 2013-11-19 | 2019-06-04 | 谷歌有限责任公司 | Call path finder |
| CN105468508A (en) * | 2014-09-04 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Code testing method and apparatus |
| CN105468508B (en) * | 2014-09-04 | 2018-07-03 | 阿里巴巴集团控股有限公司 | code detection method and device |
| CN105589904A (en) * | 2014-12-11 | 2016-05-18 | 中国银联股份有限公司 | Bytecode comparison based influence backtracking analysis method and backtracking analysis device |
| CN105589904B (en) * | 2014-12-11 | 2018-11-27 | 中国银联股份有限公司 | The influence backtracking analysis method and backtracking analytical equipment compared based on bytecode |
| CN104504337A (en) * | 2014-12-31 | 2015-04-08 | 中国人民解放军理工大学 | Method for detecting malicious application disclosing Android data |
| CN106326103A (en) * | 2015-07-06 | 2017-01-11 | 阿里巴巴集团控股有限公司 | Method and apparatus used for detecting vulnerability of to-be-detected application |
| CN106326103B (en) * | 2015-07-06 | 2019-01-04 | 阿里巴巴集团控股有限公司 | For detecting the method and device of the loophole of application to be detected |
| CN105955883A (en) * | 2016-04-27 | 2016-09-21 | 中国科学院软件研究所 | Single-machine multi-core parallel model checking method with high performance |
| CN105955883B (en) * | 2016-04-27 | 2018-08-03 | 中国科学院软件研究所 | A kind of high-performance single machine multi-core parallel concurrent model checking method |
| CN106339315B (en) * | 2016-08-19 | 2019-03-22 | 东软集团股份有限公司 | Position the method and device of defect |
| CN106339315A (en) * | 2016-08-19 | 2017-01-18 | 东软集团股份有限公司 | Defect positioning method and device |
| CN108170434A (en) * | 2017-12-26 | 2018-06-15 | 首都师范大学 | The parallel acquisition methods and device in dangerous path |
| CN110363004A (en) * | 2018-04-10 | 2019-10-22 | 腾讯科技(深圳)有限公司 | A kind of code vulnerabilities detection method, device, medium and equipment |
| CN108694329A (en) * | 2018-05-15 | 2018-10-23 | 中国科学院信息工程研究所 | A kind of mobile intelligent terminal security incident based on software and hardware combining is credible record system and method |
| CN109032918A (en) * | 2018-05-31 | 2018-12-18 | 长安大学 | A kind of sensing node program exception diagnostic method based on abnormal task function trace |
| CN109032918B (en) * | 2018-05-31 | 2021-06-18 | 长安大学 | Sensing node program abnormity diagnosis method based on abnormal task function track |
| CN109344611A (en) * | 2018-09-06 | 2019-02-15 | 平安普惠企业管理有限公司 | Access control method, terminal device and the medium of application |
| CN109344611B (en) * | 2018-09-06 | 2024-02-27 | 天翼安全科技有限公司 | Application access control method, terminal equipment and medium |
| CN110889574A (en) * | 2018-09-11 | 2020-03-17 | 富士通株式会社 | Uncertainty factor detection device, method and medium for intelligent contract |
| CN109711159A (en) * | 2018-11-26 | 2019-05-03 | 北京计算机技术及应用研究所 | A kind of IP kernel rtl code security flaw detection method based on information flow |
| CN110471662A (en) * | 2019-08-21 | 2019-11-19 | 北京百度网讯科技有限公司 | Program transformation method, device and equipment |
| CN112527302A (en) * | 2019-09-19 | 2021-03-19 | 北京字节跳动网络技术有限公司 | Error detection method and device, terminal and storage medium |
| CN112527302B (en) * | 2019-09-19 | 2024-03-01 | 北京字节跳动网络技术有限公司 | Error detection method and device, terminal and storage medium |
| CN111738710B (en) * | 2020-07-23 | 2020-12-01 | 支付宝(杭州)信息技术有限公司 | Method and processor for resource deduction of execution of intelligent contract |
| US11327756B2 (en) | 2020-07-23 | 2022-05-10 | Alipay (Hangzhou) Information Technology Co., Ltd. | Methods and processors for performing resource deduction for execution of smart contract |
| CN111738710A (en) * | 2020-07-23 | 2020-10-02 | 支付宝(杭州)信息技术有限公司 | Method and processor for resource deduction of execution of intelligent contract |
| CN112434305A (en) * | 2020-12-07 | 2021-03-02 | 北京中科微澜科技有限公司 | Patch-based vulnerability detection method and device, storage medium and electronic equipment |
| CN112434305B (en) * | 2020-12-07 | 2024-03-08 | 北京中科微澜科技有限公司 | Patch-based vulnerability detection method and device, storage medium and electronic equipment |
| CN113221126A (en) * | 2021-05-31 | 2021-08-06 | 北京中科天齐信息技术有限公司 | TensorFlow program vulnerability detection method and device and electronic equipment |
| CN114117426A (en) * | 2021-11-16 | 2022-03-01 | 中国人民解放军国防科技大学 | WEB application vulnerability detection method and system |
| CN116226673A (en) * | 2023-05-05 | 2023-06-06 | 中国人民解放军国防科技大学 | Training method of buffer region vulnerability recognition model, vulnerability detection method and device |
| CN116226673B (en) * | 2023-05-05 | 2023-07-07 | 中国人民解放军国防科技大学 | Training method of buffer region vulnerability recognition model, vulnerability detection method and device |
| CN117235746A (en) * | 2023-11-15 | 2023-12-15 | 深圳海云安网络安全技术有限公司 | Source code safety control platform based on multidimensional AST fusion detection |
| CN117235746B (en) * | 2023-11-15 | 2024-03-01 | 深圳海云安网络安全技术有限公司 | Source code safety control platform based on multidimensional AST fusion detection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102567200A (en) | Parallelization security hole detecting method based on function call graph | |
| Zheng et al. | D2a: A dataset built for ai-based vulnerability detection methods using differential analysis | |
| Feist et al. | Slither: a static analysis framework for smart contracts | |
| CN101571828B (en) | Method for detecting code security hole based on constraint analysis and model checking | |
| Lee et al. | Compass: A framework for automated performance modeling and prediction | |
| CN105787367B (en) | A kind of the patch safety detecting method and system of software upgrading | |
| CN105912381B (en) | A kind of compiling duration code security detection method in rule-based library | |
| Tan et al. | Making k-object-sensitive pointer analysis more precise with still k-limiting | |
| Chen et al. | Coverage prediction for accelerating compiler testing | |
| Nguyen et al. | Cross-language program slicing for dynamic web applications | |
| CN102662825B (en) | Method for detecting memory leakage of heap operational program | |
| Huang et al. | Detecting sensitive data disclosure via bi-directional text correlation analysis | |
| Cassez et al. | Skink: Static Analysis of Programs in LLVM Intermediate Representation: (Competition Contribution) | |
| Zhong et al. | An empirical study on API parameter rules | |
| CN104090798A (en) | Dynamic and static combined interrupt drive program data race detection method | |
| CN103294596A (en) | Early warning method for contract-type software fault based on program invariants | |
| Bagheri et al. | A comparison of different source code representation methods for vulnerability prediction in python | |
| CN105630678B (en) | A kind of the reliability detector and its detection method of intelligent electric energy meter software | |
| CN102662829B (en) | Processing method and apparatus for complex data structure in code static state testing | |
| CN109213677A (en) | The mutation testing method relied on based on Android multi-thread data | |
| Padmanabhuni et al. | Predicting buffer overflow vulnerabilities through mining light-weight static code attributes | |
| Ortin et al. | Cnerator: A Python application for the controlled stochastic generation of standard C source code | |
| Ibing | SMT-constrained symbolic execution for Eclipse CDT/Codan | |
| Maiza et al. | The W-SEPT project: Towards semantic-aware WCET estimation | |
| Hao et al. | Test-data generation guided by static defect detection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120711 |