Cite this article
  • Cheng Kai, Song Zhanwei, Liu Mingdong, Yu Nan, Zhu Hongsong, Sun Limin. A Survey of Static Analysis Techniques of Binary Code[J]. Journal of Cyber Security, Accepted
A Survey of Static Analysis Techniques for Binary Programs
Cheng Kai, Song Zhanwei, Liu Mingdong, Yu Nan, Zhu Hongsong, Sun Limin
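(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
Static analysis, an important branch of program analysis, is very mature for source code but has developed slowly for binary programs. With the widespread adoption of Internet of Things (IoT) devices, their many characteristics, including diverse instruction architectures, different operating systems, constrained hardware resources, development mostly in C, and closed source code and documentation, bring new challenges and requirements to static analysis of binary programs. In recent years, vulnerability analysis of IoT device firmware through binary static analysis has gradually become a hot topic. Starting from the basic principles of static analysis, this paper presents the current state of research and progress in binary static analysis from four aspects: data-flow analysis, alias analysis, symbolic execution, and static taint analysis. Finally, it discusses and looks ahead to the research priorities and directions for the field.
Keywords:  binary program static analysis  data-flow analysis  alias analysis  symbolic execution  static taint analysis  Internet of Things devices
DOI: 10.19363/J.cnki.cn10-1380/tn.2023.06.14
Submitted: 2020-12-09  Revised: 2021-02-22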
A Survey of Static Analysis Techniques of Binary Code
Cheng Kai, Song Zhanwei, Liu Mingdong, Yu Nan, Zhu Hongsong, Sun Limin
(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
Static analysis techniques, an important part of program analysis, are very mature for source code analysis but have developed slowly for binary program analysis. With the widespread use of the Internet of Things (IoT), many characteristics of IoT devices, including diverse instruction architectures, different operating systems, limited hardware resources, predominantly C-based development, and closed source code, bring new challenges and demands to binary static analysis. In recent years, vulnerability discovery on IoT firmware images through binary static analysis techniques has gradually attracted researchers' attention. Based on the basic principles of static analysis, we introduce and summarize binary static analysis techniques from the aspects of data-flow analysis, alias analysis, symbolic execution, and static taint analysis. Finally, we discuss future research focuses and directions.
Key words:  binary static analysis  data-flow analysis  alias analysis  symbolic execution  static taint analysis  Internet of Things devices