The Study And Realization Of Browser Defect Detection Technology Based On Boundary Reverse

With the rapid development of information technology,the Internet has become an indispensable part of people's work and life.As an important entry to the Internet,Browser's security is becoming more and more important.Major manufacturers have designed a variety of security solutions for the browser's products,making the browser more and more secure.However,in order to support more features,browsers also provide third-party plug-in support,which is one of the major security flaws in the browser.Because the quality of plug-in developed by third-party vendors or individuals can not get the same level of security with browsers,which makes plug-ins become one of the weakest parts of browser security.According to the different browser,the research content of the plug-in security is not the same.This paper focuses on the security flaw defection technology of the Internet Explorer browser ActiveX plug-ins.The existing vulnerability mining tools of mainstream ActiveX plug-ins at home and abroad have insufficient Fuzz strategy and low efficiency of mutation algorithm and other deficiencies.This paper mainly studies a security defect detection technology based on the boundary reverse for browser ActiveX plug-ins.In order to solve the problem of function information extraction under the condition of closed source ActiveX plug-in,this paper presents a registry-based information acquisition technology.In order to solve the defect that the existing tools can only carry on blind Fuzz,the paper presents the intelligent reverse model based on control flow graph and static assembly code analysis,the model leads the variation direction of the test case by extracting the eigenvalue of the function boundary.In the end of the thesis,a mutation algorithm based on the function boundary eigenvalue is proposed.On the basis of random mutation algorithm,the effectiveness of mutation algorithm is greatly improved.On the basis of theoretical research,this paper designed and implemented the XFuzzer,a vulnerability mining prototype with information acquisition module,intelligent reverse module,boundary recognition module and fuzzy testing module,and was used in the actual vulnerability mining project.Up to now,the study has submitted 4 Confidential Oday Vulnerabilities and 1 Public Oday Vulnerability to China National Vulnerability Database of Information Security.