| Nowadays,computer software has become an indispensable part of people's lives,people fully enjoy the convenience brought by a variety of software,such as web browser,video player,office processing suite.However,the security problems faced by computer software also grow,vulnerability is one of the main reasons that threaten people's privacy security.Through the use of vulnerabilities,malicious attackers can illegally obtain user privacy information,can hijack the user's computer,monitor the user's every move through the computer,and may even threaten personal safety.At the same time,as the multi-core architecture gradually occupies the main market in recent years,the development of large-scale parallel computing in various countries,has produced a new kind of vulnerability,namely concurrent vulnerability.Unlike previous vulnerabilities,which can be triggered only by sequential execution of a single thread,concurrent vulnerabilities need at least two threads and interleaved execution to trigger,so it is difficult to find vulnerabilities by traditional vulnerability mining technologies,such as Fuzz,symbolic execution technology,more covert,and concurrent vulnerabilities are mostly in the operating system kernel,once An error can affect the operation of the entire operating system,so the damage is higher.This paper focuses on the research of concurrent vulnerability mining technology and protection technology,and implements a prototype system,which can automatically discover vulnerabilities based on pattern matching and automatically fixing vulnerabilities based on transactional memory.Specifically,the innovation and the main work of this paper is as follows:(1)Concurrent vulnerability discover technology.This paper first introduces the basic principle of concurrency vulnerabilities,the difference between concurrent vulnerabilities and common serial vulnerabilities,and the typical classification of concurrency vulnerabilities.Then it introduces Bochspwn,Flush+Reload,symbolic validation and other concurrency vulnerability dynamic mining technology and static vulnerability discover technology based on pattern matching.Not only the principle of each technology is introduced,but also the limitations of each technology and the improvements are analyzed in detail.Finally,the improvement of static discover technology based on pattern matching is proposed.(2)Concurrency vulnerabilities protection technology.This paper introduces the context-based protection technology,synchronization-based protection technology and transactional memory-based protection technology.The advantages and disadvantages and practical application of each protection technology are analyzed.(3)Concurrent vulnerability repair technology.An automatic patching technology for concurrent vulnerabilities based on pattern matching is proposed for the first time.At present,there is no automated concurrent vulnerability repair technology.All the work of repairing concurrent vulnerabilities requires researchers to analyze the causes of vulnerabilities,which requires a lot of labor costs.The automatic patching technology of concurrent vulnerabilities based on pattern matching proposed in this paper combines with the protection technology proposed in this paper,which greatly reduces the cost of analyzing the causes of vulnerabilities and patching schemes,and completes the patching work automatically by pattern matching method.(4)Automated concurrent vulnerability mining and protection prototype system.This paper implements a prototype system capable of automatically mining concurrent vulnerabilities and automatic protection.Among them,automatic mining uses static mining method based on pattern matching,which has the characteristics of high code coverage,fast speed,low false alarm rate and low false alarm rate compared with existing methods.Automatic protection technology uses transactional memory-based protection technology,which has the characteristics of ease of use,practicability and reliability,and can be applied to code audit or code repair. |
PDF Full Text Request