CN106446688A - DCR-based dynamic vulnerability detection method and system - Google Patents
DCR-based dynamic vulnerability detection method and system Download PDFInfo
- Publication number
- CN106446688A CN106446688A CN201610984323.8A CN201610984323A CN106446688A CN 106446688 A CN106446688 A CN 106446688A CN 201610984323 A CN201610984323 A CN 201610984323A CN 106446688 A CN106446688 A CN 106446688A
- Authority
- CN
- China
- Prior art keywords
- test case
- node
- execution
- task
- test
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
Abstract
The invention discloses a DCR-based dynamic vulnerability detection method and a system. The method comprises the following steps: 1) reconstructing a vulnerability detection system on the basis of a DCR parallel computed structure feature; 2) generating a test task according to a seed test case input to an initial task and putting into a task queue of a dispatching node; 3) distributing the task in the task queue to an idle calculation node by the dispatching node; 4) executing the corresponding test task by the calculation node, after ending the execution, taking the newly generated test cases and the test case resulted in target program crash as calculation results and sending to the dispatching node; 5) stipulating all the received calculation results by the dispatching node, organizing all the newly generated test cases into test tasks and transferring to the task queue, and storing the test case resulted in target program crash; 6) repeating the steps 3)-5) till the task queue is empty, and then confirming the vulnerability of the target program according to the stored test case resulted in target program crash.
Description
Technical field
The present invention relates to a kind of dynamic bug excavation system and method based on DCR, belong to soft project and information security
Field.
Background technology
With the development of network technology, computer technology has obtained rapid popularization, but thus also creates a lot
Safety problem.Wherein, leak is the most important factor of menace network safety.Due to the presence of leak, hacker or lawless person can
To steal user profile, lift system authority, serious threat user or even nation's security.Especially some 0day leaks, by
In also timely not repaired, more threaten the safety of network.
For each safety problem, safety problem has also gradually been put on schedule by country, and gives enough attention.
" the national vulnerability database " that China Information Technology Security Evaluation Center provides has been put into operation, and centralized network security and information-based leader are little
, with regard to the discussion of legislation on network security, these all indicate that the work of information security is appointed for group establishment, operator and internet giant
Weight road is remote.
Bug excavation and analysis are the keys effectively searching leak.Bug excavation method is broadly divided into static analysis and dynamic
Analysis, because software most of in actual life does not provide source code, the importance of dynamic analysis is just embodied.The most frequently used
Dynamic analysing method has dynamic stain analytical technology, symbolic execution technique and fuzz testing technology etc..By with reference to multiple dynamic
Bug excavation analysis method and technology, can preferably design bug excavation system, realize leak and find and confirm.
With the fast development of information security and bug excavation technology, current bug excavation algorithm is computationally intensive, algorithm is multiple
Polygamy is high, is often required to run several months using certain binary application program as the test of the bug excavation of test target, very
Time-consuming.The efficiency how effectively improving dynamic leak becomes problem in the urgent need to address.
Content of the invention
For technical problem present in prior art, it is an object of the invention to provide a kind of dynamic leakage based on DCR
Hole digging system and method, are efficiently completed whole test assignment.
DCR (Decompose, Computation, Reduce) is a kind of new parallel programming model and runs support ring
Border, whole calculating process is reduced to decompose, calculates and three parts of stipulations by this parallel programming model, and operation support environment provides
Dynamic load leveling, calculate scale dynamic change, function that node failure automatically processes.By scheduling node and calculate node
Cooperation, realize towards compute-intensive applications parallelization processing platform.
Two kinds of technology are effectively combined by the feature processing in view of the efficiency during bug excavation and parallelization
Get up, during DCR parallelization computing is applied to dynamic bug excavation, make full use of existing computing resource and storage
Resource, effectively increases automation and the intellectuality that dynamic bug excavation analyzes process, effectively improves the efficiency of bug excavation.
The technical solution used in the present invention is:
A kind of dynamic bug excavation method based on DCR, its step is:
1) according to the architectural feature that DCR parallelization calculates, bug excavation system is reconstructed, the bug excavation after reconstruct
System includes scheduling node and calculate node;
2) the seed Test cases technology test assignment in the initiating task according to input is put into appointing of described scheduling node
In business queue;
3) task in described task queue is distributed to the free time by the task management of described scheduling node and distribute module
Calculate node;
4) described calculate node executes corresponding test assignment, after execution terminates, by the new test case producing with lead
The test case that target program collapses is caused to pass to the protocol module of described scheduling node as result of calculation;
5) described protocol module carries out stipulations, and the test case group by all new generations to all result of calculations receiving
It is made into test assignment and passes to described task queue, the test case leading to program crashing is preserved;
6) repeat step 3)~5), until described task queue is sky;Then the test according to the cause program crashing preserving
Use-case determines the leak that this target program exists.
Further, described calculate node obtains input data in this target program by using dynamic stain analysis method
In execution route, then by path symbolism and according to perform track extract execution route in constraints obtain a constraint
Set of circumstances, then carries out solving to this constraints set and calculates and generate new test case.
Further, all execution routes of this target program are abstracted into one and execute tree by described calculate node, will
All branches that redirect of this target program are as the node of tree, the once execution of every paths representation program of execution tree.
Further, described calculate node executes corresponding test assignment according to this execution tree, and its method is:If described meter
During operator node implementation of test cases a, the execution route of this target program is i, then produces new test by this test case a and uses
During example, start to extract constraint condition set merging solution calculating from the depth d depth below of this test case a, from current depth
Following branch starts, constant to branch node conditional negation other conditions every time, produces new test case;Final time
Go through all feasible paths of whole execution tree of this target program;Execution terminate after, by produce whole new test case and
The test case that target program collapses is led to pass to the protocol module of described scheduling node as result of calculation.
A kind of dynamic bug excavation system based on DCR is it is characterised in that include scheduling node and calculate node;Described
It is provided with task queue, task management and distribute module and protocol module in scheduling node;
Described task queue, for storing unenforced test assignment;
Described task management and distribute module, for distributing to the calculating section of free time by the task in described task queue
Point;
Described calculate node executes corresponding test assignment, after execution terminates, by the new test case producing with lead to
The test case of target program collapse passes to described protocol module as result of calculation;
Described protocol module carries out stipulations, and the test case tissue by all new generations to all result of calculations receiving
Become test assignment to pass to described task queue, the test case leading to program crashing is preserved, for determining this target
The leak that program whether there is.
The present invention provides initiating task firstly the need of outside, after storing task queue, task management and distribute module pair
Test assignment is managed and dispatches, and takes into account node control and management, and task can be assigned to bug excavation calculate node, holds
Row terminates rear protocol module and can carry out stipulations to all of result of calculation, and the new test assignment producing is input to task team
Row, the test case leading to program crashing is preserved.
Specifically, the technical solution used in the present invention is as follows:
A kind of dynamic bug excavation system based on DCR platform, is to be designed according to bug excavation system model to realize, right
Ratio DCR iterative process, dynamic bug excavation procedure decomposition is into decomposition, calculates and three functional structures of stipulations, to leakage
Hole digging system is reconstructed, and carries out function according to bug excavation calculate node functional diagram to bug excavation node procedure module
Design.From functional module, this initiating task, task queue, task management are included based on the dynamic bug excavation system of DCR
With distribute module, bug excavation calculate node and protocol module;Described initiating task is provided by outside, that is, provide initial testing to use
Example, is clearly test for binary program (i.e. target program) simultaneously;Described task queue preserves all also unenforced tasks
(including not completing in initiating task and all new being not carried out of tasks being subsequently generated);Described task management and distribution
Module is according to task and calculate node dynamic resource management scheduler task;Described bug excavation calculate node is entered according to test assignment
The corresponding bug excavation of row calculates and operates and generate new test case;The result of calculation to all calculate nodes for the described protocol module
Carry out stipulations arrangement.
Bug excavation system model combines bug excavation system and the feature of DCR parallelization computing, according to DCR parallelization
The architectural feature calculating reconstructs to bug excavation system architecture, and design meets the model of DCR parallelization environment, due in parallelization
Environment in bug excavation task is assigned to different nodes, and be continuously generated new test case, need to be moved according to path
State generates the generation managing use-case with control method, realizes the traversal of all possible paths of tested program, and does not repeat to travel through.
Disposed according to bug excavation system model in bug excavation calculate node first and bug excavation calculating task is installed
Program module, then runs the dynamic bug excavation system based on DCR platform, and implementation step is as follows:
1) provide initiating task by outside input, refer mainly to seed test case, initiating task is put into task queue
In, clearly it is test for binary program simultaneously, binary program path is supplied to system;
2) the dynamic bug excavation system environment initialization based on DCR, mainly comprises calculate node and connects, manages and test
Etc. aspect;
3) task management and distribute module are managed to the task in task queue, the meter of the free time of statistics successful connection
Operator node, assigns the task to the bug excavation calculate node of free time, takes into account the node running in parallelization calculating process simultaneously
Control and manage;
4) bug excavation calculate node executes corresponding test assignment, executes after terminating, the new test case that will produce
Pass to protocol module with the test case that can lead to program crashing as result of calculation;
5) result of calculation of all bug excavation calculate nodes completing test assignment of protocol module statistics carries out stipulations, will
All of new test case is organized into test assignment and passes to task queue, and the test case that can lead to program crashing is protected
Leave;
6) repeat step 3) until task queue be sky.
Present invention advantage compared with prior art is:
(1) dynamic bug excavation technology and DCR parallelization computing are combined, the dynamic leakage based on DCR is realized in design
Hole digging system and method, calculate the efficiency during solution bug excavation using parallelization, make full use of existing simultaneously
Computing resource and storage resource are it is achieved that the parallelization of whole test process and automation.
(2) multiple dynamic bug excavation methods are merged during design bug excavation computation model, by being used in combination
Dynamic stain analysis, semiology analysis and fuzz testing technology, the advantage drawing multiple technologies, increased and generate having of test case
Effect property.Meanwhile, increase that path is dynamic to be generated and control technology during bug excavation, being capable of effective the owning of traversal program
Possible path is simultaneously prevented effectively from the generation of Test cases.
Brief description
Fig. 1 is the bug excavation system model design drawing of the present invention;
Fig. 2 is the bug excavation calculate node functional diagram of the present invention;
Fig. 3 is the dynamic generation in path and the control method exemplary plot of the present invention.
Specific embodiment
With reference to Figure of description, the specific embodiment of the present invention is described in detail.
Dynamic bug excavation technology is combined it is necessary first to analyze dynamic bug excavation with DCR parallelization computing
Feature, then extracts and can design bug excavation computation model with the functional module of parallelization, extract a test execution mistake
Journey.Dynamic bug excavation system is to realize with reference to the analysis of dynamic stain, semiology analysis and three kinds of methods of fuzz testing, by using
Dynamic stain analysis obtains execution route in tested program for the input data, is then accorded with path using symbolic execution technique
Number constraints changed and extract in execution route, carries out solving to constraints set and calculates and generate new test case.
Newly-generated test case passes to entirely dynamic bug excavation system as input again.Dynamic bug excavation system is dynamic
During execution binary program, the continuous new path of locator, is continuously generated new test case and verifies.DCR is parallel
Change computing and computation model is divided into decompositions, calculating and stipulations three part, realize process in conjunction with bug excavation system, this
Bright DCR and bug excavation system are combined, the dynamic bug excavation computation model of design is realized being divided into decomposition and computing function, then
In protocol module, whole iterative process is realized by the output result of stipulations calculate node.
Fig. 1 is the bug excavation system model design drawing of the present invention.Bug excavation system model combines bug excavation system
System and the feature of DCR parallelization computing, reconstruct to bug excavation system architecture according to the architectural feature that DCR parallelization calculates, if
Meter meets the model of DCR parallelization environment.DCR parallelization is main in calculating to include scheduling node and calculate node, scheduling node
Complete Task-decomposing and assignment, calculate node completes subspace and calculates.In conjunction with the iterative process of DCR, can dynamically be leaked
Hole digging system reconstructs task allocation manager, bug excavation calculates and three functions of result stipulations.Slave module is based on constituting
The bug excavation system of DCR platform mainly includes initiating task, task queue, task management and distribute module, bug excavation meter
Operator node and protocol module.Wherein, initiating task is provided by outside, that is, provide initial test case, be clearly test for simultaneously
Binary program (i.e. target program);Task queue preserves the also unenforced task of all generations;Task management and distribution mould
Root tuber is according to the dynamic management and dispatching task of idle calculate node list of task and successful connection;Bug excavation calculate node then basis
Test assignment carries out corresponding bug excavation and calculates operation, generates new test case;The meter to all calculate nodes for the protocol module
Calculate result and carry out stipulations arrangement, be input in task queue including by the new Test cases technology test assignment producing, and
The test case leading to tested program crashing producing is preserved.
Whole system to realize step as follows:
1) provide initiating task by outside input, refer mainly to seed test case, initiating task is put into task queue
In, clearly it is test for binary program simultaneously, binary program path is supplied to system;
2) the dynamic bug excavation system environment initialization based on DCR, mainly comprises calculate node and connects, manages and test
Etc. aspect;
3) task management and distribute module are managed to the task in task queue, the meter of the free time of statistics successful connection
Operator node, assigns the task to bug excavation calculate node, take into account simultaneously run parallelization calculating process in node control and
Management;
4) bug excavation calculate node executes corresponding test assignment, executes after terminating, the new test case that will produce
Pass to protocol module with the test case that can lead to program crashing as result of calculation;
5) result of calculation of all bug excavation calculate nodes completing test assignment of protocol module statistics goes forward side by side professional etiquette about
Operation, all of new test case is organized into test assignment and passes to task queue, will can lead to the survey of program crashing
Example on probation preserves;
6) repeat step 3) until task queue be sky.
Bug excavation calculate node is to realize the main part of bug excavation test, it combine the analysis of dynamic stain,
Semiology analysis and fuzz testing technology.First test case is marked as stain data, using dynamic stain analytical technology record
Stain data perform track in a program;Then path constraints are extracted according to perform track, by symbolic execution technique,
Carry out constraint solving, calculate and generate the new test case for other paths of test program, the test that finally these generate
Use-case is required for, using fuzz testing technology, again passing to tested binary program as input and being verified, such as Tab phenolphthaleinum
Cause program crashing, then need to preserve for analyzing further.The execution of bug excavation node is a test process, that is, dirty
Point analysis, semiology analysis generate new test case, are then verified, the iterative process of whole bug excavation system is dissolved into
In DCR parallelization platform, after once test terminates, output result is carried out by stipulations by protocol module, by new test case
Form test assignment and be stored into task queue, the test case leading to program crashing is individually preserved for dividing further
Analysis.
Due to being based on parallelization Platform Designing based on the bug excavation system of DCR, each module is deployed in different meters
On calculation machine node, the interaction between each module is also required to by file transmission information.The bug excavation calculate node work(of the present invention
Can scheme as shown in Fig. 2 being segmented into three parts:
1) input file
Input design file form, comprises test case set and option parameter.The design of option parameter is for convenience
Whole bug excavation computation model is integrated in parallelization computing system.Option parameter is mainly included for binary program
Initial testing depth, test assignment identifier, bug excavation technology node execution test assignment form, temporary file save contents
Deng.Input file and tested binary program are inputed to bug excavation calculate node complete to calculate operation, simultaneously these choosings
Item parameter is as the parameter running bug excavation program in bug excavation calculate node.
2) bug excavation calculate node
Bug excavation calculate node mainly executes bug excavation process, in conjunction with the analysis of dynamic stain, semiology analysis and fuzzy
Measuring technology, extracts a computation model, is deployed to node, then completes entirely to survey by the whole continuous iteration calculating
Examination.Obtain program Dynamic Execution track first with dynamic stain analytical technology, then utilize symbolic execution technique to extract constraint
Set of circumstances solves to calculate and generates new test case, these test cases is preserved, recently enters and carry out to tested program
Checking, the test case that can lead to program crashing is preserved and is used for analyzing further.
3) output file
When designing bug excavation computation schema, need to consider whole calculating process can iterative, therefore input file
Form needs consistent with output file form, including newly-generated test case set and option parameter.Can from output file
To extract test case and the corresponding option parameter of this test case, through the stipulations function of protocol module, phase can be organized into
Isostructural input file, as test assignment, passes to bug excavation calculate node.
In the test of whole leak, due to decomposing out a test process, whole test is realized by continuous iteration.
In this process, need introducing path dynamic generate and control method it is ensured that can traversal program redirect in tree all up to
Branch, does not produce the test case of repetition simultaneously.
Fig. 3 is the dynamic exemplary plot generating with control method in path of the present invention.The present invention is all execution of target program
Path is abstracted into one tree, will all redirect branch as tree node, the once execution of every paths representation program of tree,
Reach the purpose controlling branch node and then controlling execution route by changing input data.The path of the present invention is dynamic generate and
Control method is mainly to be passed through to change all possible paths of input traversal program in whole test process, i.e. traversal program
Whole program performing tree and do not repeat traversal.Concrete methods of realizing is as follows:When assuming to input initial use-case (ID is 1),
The execution route of program is 1-3-7.When producing new test case by this use-case, start to carry from current depth depth below
Take constraint condition set to merge and solve calculating, from the beginning of the branch below current depth, every time to a branch node conditional negation
Other conditions are constant, the final test case obtaining traversal 1-2-5 (depth is 2) and 1-3-6 (depth is 3) two paths.With
Reason, obtains path 1-2-4 by after path 1-2-5 (ID is 2) branch node conditional negation, ID is 3.Final time
All feasible paths of whole execution tree of course sequence, do not produce repetition use-case simultaneously.Therefore survey in the leak decompositing
During examination, can only down start to explore and search new test path from current depth, and preserve the survey of each test case
Examination depth, effectively prevents the detection of duplicate paths.Thinking is mainly incorporated into entirely by dynamic generation the in path with control method
In test process, by record initial testing depth with to branch node conditional negation, progressively the be possible to road of traversal program
Footpath.For realizing whole process, when designing bug excavation calculate node functional diagram, input file increased initial survey
Examination depth option, that is, each test case will be for a MTD, then in bug excavation program, in current survey
Just new test case is generated by inversion operation after examination depth.Finally make whole iterative process will not generate traversal mutually to go the same way
The test case in footpath.
Non-elaborated part of the present invention belongs to the known technology of those skilled in the art.
The above, the only specific embodiment in the present invention, but protection scope of the present invention is not limited thereto, and appoints
What be familiar with the people of this technology disclosed herein technical scope in it will be appreciated that the conversion expected or replacement, all should cover
Within the scope of the comprising of the present invention, therefore, protection scope of the present invention should be defined by the protection domain of claims.
Claims (8)
1. a kind of dynamic bug excavation method based on DCR, its step is:
1) according to the architectural feature that DCR parallelization calculates, bug excavation system is reconstructed, the bug excavation system after reconstruct
Including scheduling node and calculate node;
2) the seed Test cases technology test assignment in the initiating task according to input is put into the task team of described scheduling node
In row;
3) task in described task queue is distributed to the calculating of free time by the task management of described scheduling node and distribute module
Node;
4) described calculate node executes corresponding test assignment, after execution terminates, by the new test case producing with lead to mesh
The test case of mark program crashing passes to the protocol module of described scheduling node as result of calculation;
5) described protocol module carries out stipulations to all result of calculations receiving, and the test case of all new generations is organized into
Test assignment passes to described task queue, and the test case leading to program crashing is preserved;
6) repeat step 3)~5), until described task queue is sky;Then the test case according to the cause program crashing preserving
Determine the leak that this target program exists.
2. the method for claim 1 is it is characterised in that described calculate node obtains by using dynamic stain analysis method
Take execution route in this target program for the input data, then extract execution route by path symbolism and according to perform track
In constraints obtain a constraints set, then this constraints set is carried out solving and calculates and generate new test
Use-case.
3. method as claimed in claim 1 or 2 is it is characterised in that described calculate node is by all execution of this target program
Path is abstracted into one and executes tree, will this target program all redirect branches as tree node, execute Shu Meitiao road
The once execution of footpath representation program.
4. method as claimed in claim 3 is it is characterised in that described calculate node is according to the corresponding test of this execution tree execution
Task, its method is:If during described calculate node implementation of test cases a, the execution route of this target program is i, then by this
When test case a produces new test case, start to extract constraint condition set from the depth d depth below of this test case a
Merge to solve and calculate, from the beginning of the branch below current depth, constant to branch node conditional negation other conditions every time,
Produce new test case;Finally travel through all feasible paths of whole execution tree of this target program;After execution terminates, will produce
Raw whole new test case passes to described scheduling section with the test case leading to target program collapse as result of calculation
The protocol module of point.
5. a kind of dynamic bug excavation system based on DCR is it is characterised in that include scheduling node and calculate node;Described tune
It is provided with task queue, task management and distribute module and protocol module in degree node;
Described task queue, for storing unenforced test assignment;
Described task management and distribute module, for distributing to the calculate node of free time by the task in described task queue;
Described calculate node executes corresponding test assignment, after execution terminates, by the new test case producing with lead to target
The test case of program crashing passes to described protocol module as result of calculation;
Described protocol module carries out stipulations to all result of calculations receiving, and the test case of all new generations is organized into survey
Trial business passes to described task queue, the test case leading to program crashing is preserved, for determining this target program
The leak that whether there is.
6. system as claimed in claim 5 is it is characterised in that described calculate node obtains by using dynamic stain analysis method
Take execution route in this target program for the input data, then extract execution route by path symbolism and according to perform track
In constraints obtain a constraints set, then this constraints set is carried out solving and calculates and generate new test
Use-case.
7. the system as described in claim 5 or 6 is it is characterised in that described calculate node is by all execution of this target program
Path is abstracted into one and executes tree, will this target program all redirect branches as tree node, execute Shu Meitiao road
The once execution of footpath representation program.
8. system as claimed in claim 7 is it is characterised in that described calculate node is according to the corresponding test of this execution tree execution
Task, its method is:If during test case a of described calculate node execution, the execution route of this target program is i, Ran Houyou
When this test case a produces new test case, start to extract constraints from the depth d depth below of this test case a
Collection merges solution and calculates, from the beginning of the branch below current depth, every time to branch node conditional negation other conditions not
Become, produce new test case;Finally travel through all feasible paths of whole execution tree of this target program;After execution terminates,
The whole new test case producing is passed to described tune with the test case leading to target program collapse as result of calculation
The protocol module of degree node.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610984323.8A CN106446688A (en) | 2016-11-09 | 2016-11-09 | DCR-based dynamic vulnerability detection method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610984323.8A CN106446688A (en) | 2016-11-09 | 2016-11-09 | DCR-based dynamic vulnerability detection method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106446688A true CN106446688A (en) | 2017-02-22 |
Family
ID=58208804
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610984323.8A Pending CN106446688A (en) | 2016-11-09 | 2016-11-09 | DCR-based dynamic vulnerability detection method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106446688A (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108427882A (en) * | 2018-03-13 | 2018-08-21 | 南京邮电大学 | The Android software dynamic analysis detection method of Behavior-based control feature extraction |
CN109726126A (en) * | 2018-12-28 | 2019-05-07 | 中国人民解放军国防科技大学 | Distributed parallel fuzzy method and system |
CN110198319A (en) * | 2019-06-03 | 2019-09-03 | 电子科技大学 | Security protocol bug excavation method based on more counter-examples |
CN112506795A (en) * | 2020-12-18 | 2021-03-16 | 国家工业信息安全发展研究中心 | Method, system, terminal and storage medium for testing security vulnerability of industrial control equipment |
CN114510726A (en) * | 2022-04-21 | 2022-05-17 | 南京赛宁信息技术有限公司 | Automatic vulnerability mining method and system for self-adjusting load |
CN114741700A (en) * | 2022-03-28 | 2022-07-12 | 中国人民解放军战略支援部队信息工程大学 | Public component library vulnerability availability analysis method and device based on symbolic taint analysis |
CN115374019A (en) * | 2022-10-27 | 2022-11-22 | 畅捷通信息技术股份有限公司 | Method and system for testing distributed UI test cases and computer storage medium |
CN114741700B (en) * | 2022-03-28 | 2024-05-03 | 中国人民解放军战略支援部队信息工程大学 | Public component library vulnerability availability analysis method and device based on symbolized stain analysis |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102004670A (en) * | 2009-12-17 | 2011-04-06 | 华中科技大学 | Self-adaptive job scheduling method based on MapReduce |
CN102567312A (en) * | 2011-12-30 | 2012-07-11 | 北京理工大学 | Machine translation method based on distributive parallel computation framework |
CN103870334A (en) * | 2012-12-18 | 2014-06-18 | 中国移动通信集团公司 | Method and device for assigning large-scale vulnerability scanning task |
CN104598383A (en) * | 2015-02-06 | 2015-05-06 | 中国科学院软件研究所 | Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method |
CN104008053B (en) * | 2014-05-28 | 2016-07-06 | 电子科技大学 | A kind of dynamic symbol executive path search method for vulnerability mining |
-
2016
- 2016-11-09 CN CN201610984323.8A patent/CN106446688A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102004670A (en) * | 2009-12-17 | 2011-04-06 | 华中科技大学 | Self-adaptive job scheduling method based on MapReduce |
CN102567312A (en) * | 2011-12-30 | 2012-07-11 | 北京理工大学 | Machine translation method based on distributive parallel computation framework |
CN103870334A (en) * | 2012-12-18 | 2014-06-18 | 中国移动通信集团公司 | Method and device for assigning large-scale vulnerability scanning task |
CN104008053B (en) * | 2014-05-28 | 2016-07-06 | 电子科技大学 | A kind of dynamic symbol executive path search method for vulnerability mining |
CN104598383A (en) * | 2015-02-06 | 2015-05-06 | 中国科学院软件研究所 | Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method |
Non-Patent Citations (1)
Title |
---|
李舟军: "软件安全漏洞检测技术", 《计算机学报》 * |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108427882A (en) * | 2018-03-13 | 2018-08-21 | 南京邮电大学 | The Android software dynamic analysis detection method of Behavior-based control feature extraction |
CN108427882B (en) * | 2018-03-13 | 2022-06-17 | 南京邮电大学 | Android software dynamic analysis detection method based on behavior feature extraction |
CN109726126A (en) * | 2018-12-28 | 2019-05-07 | 中国人民解放军国防科技大学 | Distributed parallel fuzzy method and system |
CN109726126B (en) * | 2018-12-28 | 2022-04-12 | 中国人民解放军国防科技大学 | Distributed parallel fuzzy method and system |
CN110198319A (en) * | 2019-06-03 | 2019-09-03 | 电子科技大学 | Security protocol bug excavation method based on more counter-examples |
CN110198319B (en) * | 2019-06-03 | 2020-09-15 | 电子科技大学 | Security protocol vulnerability mining method based on multiple counter-examples |
CN112506795A (en) * | 2020-12-18 | 2021-03-16 | 国家工业信息安全发展研究中心 | Method, system, terminal and storage medium for testing security vulnerability of industrial control equipment |
CN114741700A (en) * | 2022-03-28 | 2022-07-12 | 中国人民解放军战略支援部队信息工程大学 | Public component library vulnerability availability analysis method and device based on symbolic taint analysis |
CN114741700B (en) * | 2022-03-28 | 2024-05-03 | 中国人民解放军战略支援部队信息工程大学 | Public component library vulnerability availability analysis method and device based on symbolized stain analysis |
CN114510726A (en) * | 2022-04-21 | 2022-05-17 | 南京赛宁信息技术有限公司 | Automatic vulnerability mining method and system for self-adjusting load |
CN115374019A (en) * | 2022-10-27 | 2022-11-22 | 畅捷通信息技术股份有限公司 | Method and system for testing distributed UI test cases and computer storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106446688A (en) | DCR-based dynamic vulnerability detection method and system | |
Aridhi et al. | A MapReduce-based approach for shortest path problem in large-scale networks | |
CN105719126B (en) | system and method for scheduling Internet big data tasks based on life cycle model | |
Debreceni et al. | Query-driven incremental synchronization of view models | |
Horváth et al. | Dynamic constraint satisfaction problems over models | |
CN106873987A (en) | A kind of multi-person synergy modeling based on Modelica | |
CN102799960B (en) | The concurrent service flow process method for detecting abnormality of data-orlented model | |
Deng et al. | Elimination of policy conflict to improve the PDP evaluation performance | |
Almeida et al. | A branch-and-bound algorithm for autonomic adaptation of multi-cloud applications | |
Stein et al. | Demanded abstract interpretation | |
Bergmann | Incremental model queries in model-driven design | |
Bellini et al. | Graph databases methodology and tool supporting index/store versioning | |
Swain et al. | Test case design using slicing of UML interaction diagram | |
Dworzański et al. | CPN tools-assisted simulation and verification of nested Petri nets | |
Yan et al. | A quantitative approach to the process modeling and planning in concurrent engineering | |
Giachino et al. | Deadlock detection in linear recursive programs | |
Sapna et al. | Automated scenario generation based on uml activity diagrams | |
Wu et al. | Coping with legacy system migration complexity | |
Ajwani et al. | Generating synthetic task graphs for simulating stream computing systems | |
Albers et al. | Adaptive on-the-fly changes in distributed processing pipelines | |
Calvanese et al. | A practical automata-based technique for reasoning in expressive description logics | |
Fischer et al. | Scalable Planning in the Semantic Web--A Smart Factory Assembly Line Balancing Example | |
Singh et al. | Design and implementation of testing tool for code smell rectification using c-mean algorithm | |
Jie et al. | The generation of software reliability test cases based on software reuse | |
Yu et al. | A parallel approach to concolic testing with low-cost synchronization |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170222 |