基于动态符号执行的敏感点并行逼近方法

2012 Eighth International Conference on Computational Intelligence and Security Pub Date : 2012-11-17 DOI:10.1109/CIS.2012.152

Yan Cao, Qiang Wei, Qingxian Wang

{"title":"基于动态符号执行的敏感点并行逼近方法","authors":"Yan Cao, Qiang Wei, Qingxian Wang","doi":"10.1109/CIS.2012.152","DOIUrl":null,"url":null,"abstract":"In order to improve the efficiency of symbolic execution in software vulnerability detection, we propose the sensitive point oriented test method for parallel approach in the paper. Static analysis is used for identification and location of sensitive points. Then based on dynamic symbolic execution, the algorithm of parallel approach to sensitive point is designed, in order to select for the preferential path and realize iterative approach test. Moreover, we present search algorithm of test cases to reuse forward information and reduce communication redundancy. Finally, the experiment results verify the improvement of symbolic execution efficiency and effectiveness of exception detection.","PeriodicalId":294394,"journal":{"name":"2012 Eighth International Conference on Computational Intelligence and Security","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Method for Parallel Approach to Sensitive Point Based on Dynamic Symbolic Execution\",\"authors\":\"Yan Cao, Qiang Wei, Qingxian Wang\",\"doi\":\"10.1109/CIS.2012.152\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In order to improve the efficiency of symbolic execution in software vulnerability detection, we propose the sensitive point oriented test method for parallel approach in the paper. Static analysis is used for identification and location of sensitive points. Then based on dynamic symbolic execution, the algorithm of parallel approach to sensitive point is designed, in order to select for the preferential path and realize iterative approach test. Moreover, we present search algorithm of test cases to reuse forward information and reduce communication redundancy. Finally, the experiment results verify the improvement of symbolic execution efficiency and effectiveness of exception detection.\",\"PeriodicalId\":294394,\"journal\":{\"name\":\"2012 Eighth International Conference on Computational Intelligence and Security\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-11-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 Eighth International Conference on Computational Intelligence and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CIS.2012.152\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Eighth International Conference on Computational Intelligence and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.2012.152","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

为了提高软件漏洞检测中符号执行的效率，提出了并行方法中面向敏感点的测试方法。采用静力分析方法对敏感点进行识别和定位。在此基础上，设计了基于动态符号执行的敏感点并行逼近算法，以选择优先路径并实现迭代逼近测试。此外，我们还提出了测试用例的搜索算法，以重用转发信息，减少通信冗余。最后，实验结果验证了符号执行效率的提高和异常检测的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

The Method for Parallel Approach to Sensitive Point Based on Dynamic Symbolic Execution

In order to improve the efficiency of symbolic execution in software vulnerability detection, we propose the sensitive point oriented test method for parallel approach in the paper. Static analysis is used for identification and location of sensitive points. Then based on dynamic symbolic execution, the algorithm of parallel approach to sensitive point is designed, in order to select for the preferential path and realize iterative approach test. Moreover, we present search algorithm of test cases to reuse forward information and reduce communication redundancy. Finally, the experiment results verify the improvement of symbolic execution efficiency and effectiveness of exception detection.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 Eighth International Conference on Computational Intelligence and Security

自引率

0.00%

发文量