Model-based Software Vulnerability Detection

With the continuous development of information technology,computers and the Internet,information and network security issues have become an increasing concern,related research and technology is also increasing attention.Software is the foundation of information systems and networks,software exploits for network attacks are one of the main threats to information and network security,software vulnerability attack and defense are also an important part of network attack and defense.Software vulnerabilities detection is a very crucial position in the information security technologies.This paper regards software vulnerability detection and related technology research as a goal.Surveying the current mainstream executable program file structure,disassembly techniques and software static analysis algorithms.This paper,based on previous studies,has analyzed a lot of vulnerabilities instance and classified them,then describes the vulnerability models based on YAML language,compared to the previous existing XML description method,the data structure is more natural,easy to understand,while in the computer processing,YAML also has a simple structure,easily parsed and low cost.On the basis of the vulnerability model,this paper presents vulnerability-detection-oriented-model methods for detecting vulnerabilities to detect software vulnerabilities.And solve two problems:One is how establish vulnerability-detection-oriented-model from binary program vulnerability model.The other is how will defect function call,buffei overflow,integer overflow vulnerability convert three detection models of this paper.Finally,for different environments and software,this paper applies theory to three practical areas:(1)Defect function vulnerability detectionVulnerability detection model framework is designed to defect function calls.Implementing following parts:chains for matching vulnerability features,vulnerability session management module and other core modules.In addition,the paper studies the function parameters matching algorithm in different compiler environment(2)Android kernel driver vulnerabilities detectionResearch on the Android kernel device driver attack surfaces,propose and implement a set of Android kernel driver fuzzing framework.Through experimental tests,the tool has a stable efficiency,and reproducing crash ability.Have found a Oday vulnerability through this tool.(3)Web browser vulnerability detectionUAF is a common kind of vulnerability in web browser.In this paper,a method based on UAF vulnerability model browser is proposed,and a fuzzing tool based on distributed nodes is implemented.Multiple vulnerabilities are found.And a high risk of exploitable IE vulnerability is reported to Microsoft,therefore get acknowledgement and CVE-2015-6154.