Research on Binary Program Dynamic Slicing Technology for Cause Analysis of Vulnerability

Vision Pub Date : 2022-05-20 DOI:10.1109/cvidliccea56201.2022.9825448

Peiyu Lu, Chao Feng, Chaojing Tang

{"title":"Research on Binary Program Dynamic Slicing Technology for Cause Analysis of Vulnerability","authors":"Peiyu Lu, Chao Feng, Chaojing Tang","doi":"10.1109/cvidliccea56201.2022.9825448","DOIUrl":null,"url":null,"abstract":"In cause analysis of vulnerability, multi-level dereference of pointer and array element index analysis are often encountered at the code level, which is reflected in the case of indirect addressing at the assembly level. At present, the program slicing technology commonly used for cause analysis of vulnerability can not completely analyze the data flow and control flow of indirect addressing. In order to solve this problem, this paper proposes a binary program dynamic slicing technology for cause analysis of vulnerability. This technology uses the information related to the reading and writing of registers and memory addresses in the program execution trace to find the relationship of the data flow and control flow between the two instructions, which can more completely retain the information related to the instructions to be sliced, improve the automation component in cause analysis of vulnerability and reduce the cost of manual analysis. In addition, using the static characteristics of execution trace, this paper can meet the needs of researchers for repeated debugging and analysis of a program execution at different time points in the process of program execution.","PeriodicalId":23649,"journal":{"name":"Vision","volume":"4 1","pages":"783-788"},"PeriodicalIF":0.0000,"publicationDate":"2022-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Vision","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/cvidliccea56201.2022.9825448","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In cause analysis of vulnerability, multi-level dereference of pointer and array element index analysis are often encountered at the code level, which is reflected in the case of indirect addressing at the assembly level. At present, the program slicing technology commonly used for cause analysis of vulnerability can not completely analyze the data flow and control flow of indirect addressing. In order to solve this problem, this paper proposes a binary program dynamic slicing technology for cause analysis of vulnerability. This technology uses the information related to the reading and writing of registers and memory addresses in the program execution trace to find the relationship of the data flow and control flow between the two instructions, which can more completely retain the information related to the instructions to be sliced, improve the automation component in cause analysis of vulnerability and reduce the cost of manual analysis. In addition, using the static characteristics of execution trace, this paper can meet the needs of researchers for repeated debugging and analysis of a program execution at different time points in the process of program execution.

查看原文本刊更多论文

面向漏洞原因分析的二进制程序动态切片技术研究

在漏洞原因分析中，经常会遇到代码级指针的多级解引用和数组元素索引分析，这体现在汇编级间接寻址的情况下。目前，通常用于漏洞原因分析的程序切片技术还不能完整地分析间接寻址的数据流和控制流。为了解决这一问题，本文提出了一种二进制程序动态切片技术，用于漏洞原因分析。该技术利用程序执行轨迹中与寄存器和内存地址读写相关的信息来查找两个指令之间的数据流和控制流的关系，可以更完整地保留待切片指令的相关信息，提高了漏洞原因分析的自动化程度，降低了人工分析的成本。此外，本文利用执行轨迹的静态特性，可以满足研究人员对程序执行过程中不同时间点的程序执行情况进行反复调试和分析的需要。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Vision

自引率

0.00%

发文量