Vulnerability identification method based on semantic learning of slice code dependency graph

Vulnerability identification method based on semantic learning of slice code dependency graph

The invention relates to the technical field of vulnerability detection, and particularly discloses a vulnerability identification method based on semantic learning of a slice code dependency graph, which comprises the following steps of: S1, inputting an executable binary program, and obtaining a p...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: FAN YONGCHEN, WANG XIAONAN, XU SHAONIAN, QIAN HUANHUAN, DENG KAI, PAN YINING, WANG YAN
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention relates to the technical field of vulnerability detection, and particularly discloses a vulnerability identification method based on semantic learning of a slice code dependency graph, which comprises the following steps of: S1, inputting an executable binary program, and obtaining a pseudo code of each function in the binary program by utilizing a decompilation technology; s2, performing data dependency analysis and control dependency analysis on the dangerous library/API function calling execution process and the dangerous library/API function calling execution process in each pseudo code function, extracting fine-grained pseudo code snippets only related to dangerous library/API function calling, and constructing a slice code dependency graph according to the fine-grained pseudo code snippets; and the like. The method is suitable for vulnerability identification in a binary code scene, security vulnerability detection can be carried out on software under the limited condition that source code