【打印本页】      【下载PDF全文】   查看/发表评论  下载PDF阅读器  关闭
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 7796次   下载 7593 本文二维码信息
码上扫一扫!
知识、探索与状态平面组织的软件漏洞分析架构研究
袁子牧,肖扬,吴炜,霍玮,邹维
分享到: 微信 更多
(中国科学院信息工程研究所, 北京 中国 100093;中国科学院信息工程研究所, 北京 中国 100093;中国科学院大学 网络空间安全学院, 北京 中国 100049)
摘要:
对于软件漏洞分析复杂度过高的现状问题,本文认为其主要原因在于当前软件分析知识、技术及数据耦合程度高、各类知识与技术间缺乏有效编程接口连接,因而提出了将软件漏洞分析解耦合为知识、探索、状态等三层平面的设计。其中,状态平面可基于基础分析数据和既有的大数据操作接口表征程序分析状态及转换;知识平面与探索平面分别对应漏洞分析知识与技术/工具集合,本文从符号执行、污点分析、模式检测、模糊测试等现有技术类别中抽象出两平面间的知识与技术间的交互接口。在阐述三层平面的基础上,本文例举了实际漏洞分析应用场景,描绘出通过可编程接口连接各平面、以自由定制的方式发挥各平面间互补优势的愿景;期望随之努力达到打通各类知识、技术间的互通门槛,并融合数据处理技术以提升软件漏洞分析效能的效果。
关键词:  软件漏洞分析  知识平面  探索平面  状态平面  可编程接口
DOI:10.19363/J.cnki.cn10-1380/tn.2019.11.02
投稿时间:2017-12-19修订日期:2018-04-03
基金项目:本课题得到国家自然科学基金(No.61602470,No.61802394,No.U1836209);国家重点研发计划(No.2016QY071405);中国科学院战略先导(No.XDC02040100,No.XDC02030200,No.XDC02020200)资助。
Research on The Software Vulnerability Analysis Architecture with The Knowledge, Exploration and State Plane
YUAN Zimu,XIAO Yang,WU Wei,HUO Wei,ZOU Wei
Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China
Abstract:
We consider the reasons of high complexity on current software vulnerability analysis are the software analysis knowledge, tools and data coupling tightly, and lack of effective programming API interface to establish connection between analysis knowledge and technology, and therefore propose decoupled three planes of knowledge, exploration and state. Among them, the state plane can exhibit the status and transformation of software vulnerability analysis based on the basic analysis data and the operation interface on resilient distributed datasets; the knowledge plane and exploration plane map the set of software vulnerability knowledge and technology/tool respectively, and we extract the API interface between knowledge and technology from existing sorts of technology, such as symbolic execution, taint analysis, pattern detection and fuzz. On the basis of the three planes, three vulnerability analysis application scenarios are illustrated to depict the picture that planes are connected through programmatic interface, and their interactions can be freely customized to take the advantages of each of them; the expectation of our work is to lower the barriers between sorts of analysis technologies and knowledges, and combine with the frontiers of data processing technology to promote vulnerability analysis performance with effort devoted.
Key words:  software vulnerability analysis  knowledge plane  exploration plane  state plane  programmatic interface