Cross-platform firmware binary code vulnerability mining method

Bibliographic details
Main authors: KOU XIAOXI, XIAO NA, NIE ZHENGPU, LAI JI, ZENG JING, LYU BING, CHANG HAIJIAO, ZHANG SHIJUN, YANG RUI, XU XIANGSEN, WANG HAICHAO, MENG DE, XU DAWEI, LEE HYUN, GUAN JIAHENG, GAO SONG, LI SHUO, NA QIONGLAN
Format: Patent
Language: chi; eng
Description
Summary: The invention provides a cross-platform method for mining vulnerabilities in firmware binary code. The method comprises the following steps: after disassembling the firmware binary code, extracting a feature description of the assembly code; taking the feature description as input to a clustering algorithm and judging whether the feature description belongs to any known cluster; if yes, updating the clustering center points of all known clusters; if not, forming a new cluster and a clustering center point corresponding to the new cluster; and determining the vulnerability type of the firmware according to the change of the distance between the clustering center points of all the clusters. According to the method, cross-platform binary code vulnerability mining can be performed, so that the firmware vulnerability type can be determined with relatively high accuracy.