CN102129538B - System and method for detecting buffer overflow vulnerability of source code of sensor network - Google Patents
- Publication number
- CN102129538B
- Authority
- CN
- China
- Prior art keywords
- source code
- taint
- buffer overflow
- function
- test case
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Abstract
The invention relates to a system and method for detecting buffer overflow vulnerabilities in the source code of a sensor network. The system comprises two devices, an overflow vulnerability analysis device and an overflow vulnerability test device. The analysis device is provided with a security threat locating module, a taint analysis module and a test case generation module, connected in sequence. The test device is provided with a detecting end and a detected end; it tests, according to a test case received from the analysis device, whether the source code has a buffer overflow vulnerability, and reports the result so that improvement measures can be taken on insecure code. According to the invention, sensor network source code written in C or NesC can be analysed: the security threats in the source code are located, the corresponding test cases are generated, the buffer overflow vulnerabilities that may exist are tested, and the result is reported to the network administrator so that the source code can be corrected. The spread of worms through buffer overflow vulnerabilities is thereby prevented and the security of the sensor network is enhanced.
Description
Technical Field
The invention relates to a system and a method for detecting buffer overflow vulnerabilities in the source code of a sensor network, and belongs to the technical field of wireless self-organizing (ad hoc) networks and Internet of Things systems.
Background
A buffer overflow vulnerability is a very common defect that exists widely in operating systems and application software. It arises when a software developer moves data between memory regions without checking bounds, so that data written past the end of a buffer corrupts adjacent memory. An intruder sends data that satisfies the overflow condition to the target machine, corrupts the program's stack and changes the program's execution flow. Merely by successfully exploiting a buffer overflow, the intruder can make the program behave abnormally, causing the system to crash or restart, or even execute malicious code and finally obtain the highest privilege on the system. Buffer overflow vulnerabilities can also be used for worm propagation: SQL Slammer and the family of worms exploiting the Windows RPC vulnerability all relied on buffer overflows. Although these worms targeted computer networks, the same threat exists for sensor networks. Goodspeed showed that buffer overflows can be exploited on sensor nodes based on the von Neumann architecture, and at Black Hat in 2010 Giannetsos demonstrated various attacks on sensor networks, including eavesdropping, tampering and buffer overflow attacks. Buffer overflow detection for sensor networks is therefore of great significance.
At present, a great deal of research on buffer overflow detection has been carried out in China and abroad. The detection methods can be divided into static and dynamic detection based on source code, static and dynamic detection based on object code, and so on. However, these techniques are mainly directed at the traditional programming languages used on personal computers, including C, C++ and Java, and are not necessarily applicable to sensor nodes. For example, the typical sensor operating system TinyOS is written in NesC, a component-based programming language, so the traditional buffer overflow detection techniques for C, C++ and Java cannot be applied directly to NesC source code.
A WSN is characterised by very limited communication capacity, power supply, computation speed and storage space, together with dense deployment of sensor nodes, so that many effective security protocols and algorithms cannot be applied directly. Secondly, sensor nodes are generally deployed in unattended harsh or hostile environments with many unsafe factors in the working space; the nodes are easily damaged or captured, generally cannot be maintained, and therefore fail easily. Furthermore, the nodes of a WSN form the network in a self-organizing manner, communicate in a single-hop or multi-hop manner and cooperate to provide routing, so that without special transmission equipment a conventional end-to-end security mechanism cannot be applied directly. How to detect buffer overflow vulnerabilities in a wireless sensor network has therefore become a focus of attention for technicians in the industry.
Disclosure of Invention
In view of this, the present invention provides a system and a method for detecting buffer overflow vulnerabilities in the source code of a sensor network. The system scans and analyses sensor network source code written in C or NesC, locates the security threats in it, generates test cases corresponding to the source code, tests the buffer overflow vulnerabilities that may exist, and finally notifies the network manager of the test result so that corresponding improvement measures can be taken on unsafe source code in the sensor network. This effectively prevents the spread of worms in the network through buffer overflow vulnerabilities and improves the security of the sensor network.
To achieve the above object, the present invention provides a system for detecting buffer overflow vulnerabilities in the source code of a sensor network, characterised in that the system is provided with the following two devices:
the overflow vulnerability analysis device, which performs buffer overflow analysis on source code in the sensor network and is provided with three modules, security threat locating, taint analysis and test case generation, connected in sequence; the security threat locating module scans the source code, locates the security threat functions in it and submits the scan result to the taint analysis module; the taint analysis module performs taint analysis on the security threat functions and judges whether a buffer overflow security threat exists, so as to decide whether the buffer overflow vulnerability needs to be tested with a test case; the test case generation module constructs the trigger condition of the buffer overflow vulnerability in the source code, solves it to generate the corresponding test case and submits the test case to the overflow vulnerability testing device for testing;
the overflow vulnerability testing device, which tests whether buffer overflow vulnerabilities exist in the source code according to the test cases from the overflow vulnerability analysis device and reports the test results so that improvement measures can be taken on unsafe code; the device is provided with a detecting end and a detected end, the detecting end being a sensor node on which the test case is installed and which sends the test data that triggers the buffer overflow vulnerability to the detected end, and the detected end being a sensor node on which the source code to be detected is installed and which receives the test data sent by the detecting end; whether the corresponding source code has a buffer overflow vulnerability is judged from the behaviour of the detected end after the data is received, and the corresponding detection result is then reported.
To achieve the above object, the present invention further provides a detection method for the system for detecting buffer overflow vulnerabilities in the source code of a sensor network, characterised in that the method comprises the following operation steps:
(1) the source code of the sensor network is input into the overflow vulnerability analysis device;
(2) the security threat locating module in the overflow vulnerability analysis device scans the source code and judges whether a security threat function exists; if not, the detection method ends; if so, the security threat function in the source code is located and submitted to the taint analysis module; this step comprises:
(21) the security threat locating module is pre-loaded with a threat function set consisting of the receiving functions of the sensor network communication protocols in use: because the external 'untrusted' data received by sensor nodes in a wireless sensor network carries security threats, all possible receiving functions are defined as threat functions and form the threat function set;
(22) the security threat locating module scans the source code and extracts all functions defined and called in it to form the source code function set;
(23) the function names in the source code function set are compared in turn with those in the threat function set; if a name appears in both sets, the function name and its line number in the source code are recorded and these parameters are sent to the taint analysis module; otherwise the detection process ends;
(3) the taint analysis module performs taint propagation analysis on the located security threat function, that is, it tracks the flow of the taint data and uses the taint propagation rule to analyse whether taint propagation occurs within the threat function; if not, the detection method ends; if so, the source code may have a buffer overflow security threat and needs to be tested with a test case; this step comprises:
(31) according to the security threat function and its position, the taint analysis module collects the data received by the sensor node to form the initial taint data set; the injection point of the taint data is the position of the threat function;
(32) starting from the injection point of each taint datum, the taint analysis module extracts the source and destination operands of each instruction in turn, adds elements to or removes elements from the taint data set according to the taint propagation rule, and judges whether taint propagation occurs; if so, a buffer overflow security threat may exist in the source code and the instruction position of the taint propagation is recorded; otherwise the detection method ends;
(4) the test case generation module constructs the trigger condition of the buffer overflow vulnerability in the source code, solves it to generate a test case and submits the test case to the overflow vulnerability testing device for testing; this step comprises:
(41) constructing the path constraint: to obtain a program flow chart of the threat function, the test case generation module computes the path condition from the taint data injection point to the taint propagation position; the line number of the program instruction at the start of the threat function in the source code is marked, the branches of the program, including sequence, selection and loop structures, are represented by basic unit structures to generate a program control flow chart, all paths from the taint injection point to the taint propagation position in the flow chart are enumerated, and the path constraints are computed;
(42) constructing the necessary condition for buffer overflow: to test the buffer overflow vulnerability, an over-long taint datum containing a jump address and shellcode is constructed, the jump address being used to overwrite the return address of the threat function so that, when the threat function returns, control is transferred to the jump address, that is, to the address of the shellcode, which is then executed; the shellcode is the segment of executable code to be injected;
(43) solving the constraints: according to the path constraint and the necessary condition for buffer overflow obtained in the two preceding steps, a test case satisfying the buffer overflow condition of the source code is solved for and generated;
(5) the overflow vulnerability testing device installs the source code under test at the detected end and the test case at the detecting end; the detecting end then sends the test case data to the detected end, whether the source code has a buffer overflow vulnerability is judged from the behaviour of the detected end after it receives the test case data, and the test result is reported accordingly.
The key innovative technology of the system and method of the invention is as follows. A device and a method for detecting buffer overflow in sensor network source code written in C and NesC are proposed for the first time. Because conventional taint data analysis does not clearly identify the taint source on which the taint data depends, the idea of taint propagation is applied in combination with the characteristics of the NesC language and the TinyOS operating system, and the taint source is defined as the external data received by the node. In addition, a method for verifying the vulnerability is provided on top of the detection of the buffer overflow vulnerability. With the method and device, a buffer overflow vulnerability is not only detected but also verified; once its existence is confirmed, its cause and severity are analysed and a vulnerability detection report is generated, so that unsafe program statements in the source code can be improved and preventive measures taken. This effectively prevents the spread of worms in the network through buffer overflow vulnerabilities, enhances the security of the source code and improves the security of the whole sensor network system.
The invention has the following advantages. Most existing source-code-based buffer overflow detection methods target high-level languages such as C, C++ and Java and are not suited to the detection of a NesC-based TinyOS sensor network. The invention provides, for the first time, a source code buffer overflow detection method for sensor networks. The method and the device fully combine the characteristics of TinyOS and of the NesC language used by the sensor network, and locate the security threats in the source code before performing buffer overflow detection, which greatly narrows the detection range, reduces the detection workload and noticeably improves detection efficiency compared with PC-based buffer overflow detection methods.
Drawings
FIG. 1 is a schematic structural diagram of the system for detecting buffer overflow vulnerabilities in the source code of a sensor network according to the present invention.
FIG. 2 is a flow chart of the detection method of the system for detecting buffer overflow vulnerabilities in the source code of a sensor network according to the present invention.
FIG. 3 is a flow diagram of the operation of a security threat location module.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings and examples.
The source code referred to in the invention is a source program for a sensor network written in the C language and in NesC, a component-based language that extends C.
Referring to fig. 1, the structural components of the system for detecting buffer overflow vulnerabilities in the source code of a sensor network according to the present invention will be described. The system comprises the following two devices:
the overflow vulnerability analysis device, which performs buffer overflow analysis on source code in the sensor network and is provided with three modules, security threat locating, taint analysis and test case generation, connected in sequence, wherein
the security threat locating module scans the source code, locates the security threat functions in it and submits the scan result to the taint analysis module;
the taint analysis module performs taint analysis on the security threat functions and judges whether a buffer overflow security threat exists, so as to decide whether the buffer overflow vulnerability needs to be tested with test cases;
the test case generation module constructs the trigger condition of the buffer overflow vulnerability in the source code, solves it to generate the corresponding test case and submits the test case to the buffer overflow testing device for testing.
The overflow vulnerability testing device tests the source code for buffer overflow vulnerabilities according to the test cases from the analysis device and reports the test results so that improvement measures can be taken on unsafe code. The device is provided with a detecting end and a detected end. The detecting end is a sensor node on which the test case is installed and which sends the test data that triggers the buffer overflow vulnerability to the detected end. The detected end is a sensor node on which the source code to be detected is installed and which receives the test data sent by the detecting end; whether the corresponding source code has a buffer overflow vulnerability is judged from the behaviour of the detected end after the data is received, and the corresponding detection result is then reported.
Referring to fig. 2, the detection method of the system for detecting buffer overflow vulnerabilities in the source code of a sensor network is introduced. Steps 2, 3 and 4 of the method represent the operation flows of the security threat locating module, the taint analysis module and the test case generation module in the overflow vulnerability analysis device respectively, and step 5 represents the operation flow of the detecting end and the detected end in the overflow vulnerability testing device. The method comprises the following five steps:
Step 1, the source code of the sensor network is input into the overflow vulnerability analysis device.
Step 2, the overflow vulnerability analysis device first submits the source code to the security threat locating module for scanning, which judges whether a security threat function exists; if not, the detection method ends; if so, the security threat function in the source code is located and submitted to the taint analysis module.
Referring to fig. 3, the following operations included in step 2 are specifically described:
(21) Defining the threat function set: the security threat locating module is pre-loaded with a threat function set composed of the receiving functions of the sensor network communication protocols in use (including the active message protocol AM, the ZigBee protocol and 6LoWPAN, IPv6 over Low power Wireless Personal Area Networks). Since the external 'untrusted' data received by sensor nodes in a wireless sensor network carries security threats, all possible receiving functions of such external data are defined as threat functions and form the threat function set.
(22) Extracting the function set of the source code: the security threat locating module scans the source code and extracts all functions defined and called in it to form the source code function set.
(23) Comparing the two function sets: the function names in the source code function set are compared in turn with those in the threat function set; if a name appears in both sets, the function name and its line number in the source code are recorded and these parameters are sent to the taint analysis module; otherwise the detection process ends.
Step 3, the taint analysis module performs taint propagation analysis on the located security threat function, that is, it tracks the flow of the taint data (the data received by the sensor node and any data derived from it) and uses the taint propagation rule to judge whether taint propagation occurs within the threat function. If not, the detection method ends; if so, the source code may have a buffer overflow security threat and must be tested with a test case.
The invention applies the following conventional taint propagation rule. For a program instruction $i$ in the source code, a variable $x$ and a taint set $T$, let $\mathrm{dsts}_i$ be the set of destination operands of instruction $i$ and $\mathrm{src}[x]_i$ the set of source operands of instruction $i$ that flow into the destination operand $x$. If $x \in \mathrm{dsts}_i \land \{\, y \in \mathrm{src}[x]_i : y \in T \,\} \neq \emptyset$, that is, instruction $i$ writes $x$ and at least one of its source operands is tainted, then $x$ is added to $T$; this addition is called taint propagation. If $x \in \mathrm{dsts}_i \land \{\, y \in \mathrm{src}[x]_i : y \in T \,\} = \emptyset$, then $x$ is removed from $T$, because the instruction overwrites $x$ with untainted data.
The step 3 comprises the following specific operation contents:
(31) Initializing the taint data set: according to the security threat function and its position, the taint analysis module collects the data received by the sensor node to form the initial taint data set; the injection point of the taint data is the position of the threat function.
(32) Tracking the taint data and applying the taint propagation rule: starting from the injection point of each taint datum, the taint analysis module extracts the source and destination operands of each program instruction in turn, adds elements to or removes elements from the taint data set according to the taint propagation rule, and judges whether taint propagation occurs; if so, a buffer overflow security threat may exist in the source code and the instruction position of the taint propagation is recorded; otherwise the detection method ends.
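To make the propagation rule of step 3 concrete, here is an added example written for this page, not code from the patent: a small forward taint analysis in C over a constructed three-address program. The variable ids, the instruction sequence and the use of a bit mask for the taint set T are assumptions of the example. The message returned by the receive function is the only initially tainted variable (the injection point); each instruction either adds its destination to T when a tainted source flows into it or removes the destination when it is overwritten with untainted data, and the instruction indexes at which taint propagated are what step (32) records.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Variables are numbered 0..31, so a taint set T is one 32-bit mask (assumption). */
#define MAX_SRC 2
#define NO_VAR  (-1)

typedef struct {
    int dst;            /* destination operand x of instruction i, NO_VAR if none */
    int src[MAX_SRC];   /* source operands src[x]_i, NO_VAR marks an unused slot */
    const char *text;   /* constructed source line, for reporting only */
} insn_t;

/* Applies the propagation rule to one instruction and returns the new set T.
 * *propagated is set when a tainted source operand reaches the destination. */
static uint32_t taint_step(const insn_t *in, uint32_t T, bool *propagated)
{
    bool tainted_src = false;
    *propagated = false;
    if (in->dst == NO_VAR)
        return T;                       /* x must be in dsts_i for the rule to apply */
    for (int k = 0; k < MAX_SRC; k++)
        if (in->src[k] != NO_VAR && (T & (1u << in->src[k])))
            tainted_src = true;
    if (tainted_src) {
        T |= 1u << in->dst;             /* {y in src[x]_i : y in T} non-empty: add x */
        *propagated = true;
    } else {
        T &= ~(1u << in->dst);          /* that set is empty: x is overwritten, remove it */
    }
    return T;
}

/* Walks the instructions from the injection point and records the index of every
 * instruction at which taint propagated. Returns the final taint set. */
uint32_t taint_analyze(const insn_t *prog, int n, uint32_t initial_T,
                       int *positions, int max_positions, int *n_positions)
{
    uint32_t T = initial_T;
    *n_positions = 0;
    for (int i = 0; i < n; i++) {
        bool p;
        T = taint_step(&prog[i], T, &p);
        if (p && *n_positions < max_positions)
            positions[(*n_positions)++] = i;
    }
    return T;
}

/* Constructed example program: 0=msg (received message), 1=len, 2=tmp, 3=buf, 4=i, 5=cnt. */
enum { V_MSG, V_LEN, V_TMP, V_BUF, V_I, V_CNT };
const insn_t sample_prog[] = {
    { V_LEN, { V_MSG,  NO_VAR }, "len = msg->len;"     },
    { V_I,   { NO_VAR, NO_VAR }, "i = 0;"              },
    { V_TMP, { V_MSG,  V_I    }, "tmp = msg->data[i];" },
    { V_BUF, { V_TMP,  V_I    }, "buf[i] = tmp;"       },
    { V_CNT, { NO_VAR, NO_VAR }, "cnt = 16;"           },
    { V_LEN, { V_CNT,  NO_VAR }, "len = cnt;"          },  /* len overwritten: leaves T */
};
const int sample_prog_len = sizeof sample_prog / sizeof sample_prog[0];

/* Runs the analysis with msg as the only initially tainted variable; positions
 * receives the propagation sites and the final taint set is returned. */
uint32_t run_sample(int *positions, int max_positions, int *n_positions)
{
    return taint_analyze(sample_prog, sample_prog_len, 1u << V_MSG,
                         positions, max_positions, n_positions);
}

int main(void)
{
    int pos[16], n;
    uint32_t T = run_sample(pos, 16, &n);
    for (int k = 0; k < n; k++)
        printf("taint propagates at instruction %d: %s\n", pos[k], sample_prog[pos[k]].text);
    printf("final taint set mask = 0x%x\n", T);   /* msg, tmp and buf remain tainted */
    return 0;
}
```

Instruction 3 is the site a practitioner cares about: tainted bytes reach `buf`, and whether that write is bounded is exactly what step (4) then has to test. Note that the rule is flow-insensitive within a straight line; a loop that copies `msg->data[i]` into `buf[i]` propagates at the same instruction on every iteration, so the analysis reports the instruction, not the iteration count.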
Step 4, the test case generation module constructs the trigger condition of the buffer overflow vulnerability in the source code, solves it to generate a test case and submits the test case to the buffer overflow testing end for testing.
Step 4 comprises the following operations:
(41) Constructing the path constraint: to obtain a program flow chart of the threat function, the test case generation module computes the path condition from the taint data injection point to the taint propagation position; the line number of the program instruction at the start of the threat function in the source code is marked, the branches of the program, including sequence, selection and loop structures, are represented by basic unit structures to generate a program control flow chart, all paths from the taint injection point to the taint propagation position in the flow chart are enumerated, and the path constraints are computed.
(42) Constructing the necessary condition for buffer overflow: to test the buffer overflow vulnerability, an over-long taint datum containing a jump address and shellcode is constructed, the jump address being used to overwrite the return address of the threat function so that, when the threat function returns, control is transferred to the new jump address, that is, to the address of the shellcode, which is then executed; the shellcode is the segment of executable code to be injected.
(43) Solving the constraints: according to the path constraint and the necessary condition for buffer overflow obtained in the two preceding steps, a test case satisfying the buffer overflow condition of the source code is solved for and generated.
Step 5, the overflow vulnerability testing device installs the source code under test at the detected end and the test case at the detecting end; the detecting end then sends the test case data to the detected end, whether the source code has a buffer overflow vulnerability is judged from the behaviour of the detected end after it receives the test case data, and the test result is reported accordingly.
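An added example, not the patent's own code, of how steps (41) to (43) combine on a constructed threat function: a receive handler assumed to dispatch on the first byte of the message and, on one branch, copy every following byte into a 16-byte stack buffer without a bounds check. The path constraint is therefore the value of the type byte, and the overflow condition is a copied length that covers the saved return address. The type byte, buffer size, distance to the return address, buffer address and the placeholder bytes standing in for shellcode are all assumptions of the example; the patent's embodiment uses shellcode that lights an LED.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of one threat function as the analysis device would derive it. Every value
 * is an assumption for the example, not a figure from the patent. */
typedef struct {
    uint8_t  type_byte;   /* path constraint: first byte that makes the handler reach the copy */
    size_t   buf_size;    /* size of the stack buffer the received bytes are copied into */
    size_t   ret_offset;  /* bytes from the start of that buffer to the saved return address */
    uint16_t buf_addr;    /* run-time address of the buffer (16-bit MCU assumed) */
} overflow_model_t;

/* Builds the over-long taint datum of step (42):
 *   [type byte][filler up to the return address][jump address, little-endian][shellcode]
 * The handler is assumed to copy every byte after the type byte, so the shellcode
 * lands just past the overwritten return address and the jump address points there.
 * Returns the test case length, or 0 if the model or output capacity is unusable. */
size_t build_test_case(const overflow_model_t *m, const uint8_t *shellcode,
                       size_t sc_len, uint8_t *out, size_t out_cap)
{
    size_t need = 1 + m->ret_offset + 2 + sc_len;
    if (m->ret_offset < m->buf_size || out_cap < need)
        return 0;
    uint16_t jump = (uint16_t)(m->buf_addr + m->ret_offset + 2);
    out[0] = m->type_byte;
    memset(out + 1, 'A', m->ret_offset);            /* fills the buffer and the saved registers */
    out[1 + m->ret_offset]     = (uint8_t)(jump & 0xff);
    out[1 + m->ret_offset + 1] = (uint8_t)(jump >> 8);
    memcpy(out + 1 + m->ret_offset + 2, shellcode, sc_len);
    return need;
}

/* Checks a candidate against both conditions of step (43): the path constraint (the
 * type byte selects the copying branch) and the overflow condition (the copied
 * length exceeds the buffer and covers the whole return address). */
bool test_case_satisfies(const overflow_model_t *m, const uint8_t *tc, size_t len)
{
    if (len < 1 || tc[0] != m->type_byte) return false;   /* wrong path */
    if (len - 1 <= m->buf_size)            return false;   /* does not overflow */
    return len >= 1 + m->ret_offset + 2;                   /* return address fully covered */
}

/* Constructed parameters: 16-byte buffer, four bytes of saved registers before the
 * return address, buffer at 0x1100, and four placeholder bytes instead of real shellcode. */
const overflow_model_t sample_model = { 0x10, 16, 20, 0x1100 };
const uint8_t sample_shellcode[4] = { 0xAA, 0xBB, 0xCC, 0xDD };

size_t build_sample_case(uint8_t *out, size_t out_cap)
{
    return build_test_case(&sample_model, sample_shellcode,
                           sizeof sample_shellcode, out, out_cap);
}

int main(void)
{
    uint8_t tc[64];
    size_t n = build_sample_case(tc, sizeof tc);
    printf("test case of %zu bytes, satisfies conditions: %s\n", n,
           test_case_satisfies(&sample_model, tc, n) ? "yes" : "no");
    for (size_t k = 0; k < n; k++)
        printf("%02x ", tc[k]);
    printf("\n");
    return 0;
}
```

The jump address is derived from the assumed buffer address, which is the one value the analysis device cannot know from source alone; `ret_offset` and `buf_addr` must be read from the compiled image and the node's memory map, and a wrong guess simply crashes or resets the detected end instead of lighting the LED. That is why the patent keeps the dynamic test of step (5) rather than reporting on the static analysis alone.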
The invention has been run through a number of simulation tests whose parameters are shown in the table below.
Operating system | TinyOS
System language | NesC
Hardware condition | 2 sensor nodes (detecting end A and detected end B)
Detection object | sensor network source code written in NesC
Shellcode function | turn on an LED
The operation steps of the embodiment of the method for detecting buffer overflow in a sensor network are as follows:
(1) Overflow vulnerability analysis: the buffer overflow detection method is applied to the NesC source code of a node in the sensor network; for the NesC source code in which taint propagation is found, a test case satisfying the buffer overflow condition is solved for and generated.
(2) Overflow vulnerability testing: the test case is installed on detecting end node A and the NesC source code under test on detected end node B. Node A sends the test case data to node B. After node B receives the test data, whether a buffer overflow vulnerability exists is judged from the behaviour of node B: if the LED of B lights, the NesC source code on node B has a buffer overflow vulnerability; otherwise it does not.
(3) Reporting the test result: the network management personnel obtain the test result and take improvement measures on the source code.
(4) Source code improvement measures: a source code sample is extracted from the NesC source code with the buffer overflow vulnerability, and the located security threat function and the program instruction at which taint propagated are analysed. The instruction copies a character string; the cause of the vulnerability is that an unsafe string copy function is called and no bounds check is performed when the taint data is copied, so the buffer overflow is triggered. The security of the NesC source code is therefore improved by correcting the string copy or replacing it with a safe function that checks the length of the data against the size of the destination buffer.
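An added example, not from the patent, of the unsafe string copy pattern described in step (4) beside a corrected receive handler, written in C since NesC event bodies are C code. The buffer size, function names and sample packets are assumptions. The hardened form checks the length of the taint data against the destination before copying and rejects the packet otherwise; it uses an explicit check plus `memcpy` rather than `strncpy`, which would not NUL-terminate when the input fills the buffer.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RX_BUF 16   /* size of the handler's fixed buffer, assumed for the example */

/* Vulnerable form: the statement the taint analysis flags. The received bytes (taint
 * data) are copied by an unchecked string copy into a 16-byte stack buffer, so a
 * payload longer than the buffer overwrites the saved registers and return address.
 * Kept here for comparison only; nothing below calls it. */
void rx_handle_unsafe(const char *payload)
{
    char buf[RX_BUF];
    strcpy(buf, payload);               /* no bounds check: stack buffer overflow */
    printf("unsafe handler got: %s\n", buf);
}

/* Hardened copy: the length of the taint data is checked against the destination
 * before anything is written. Returns the number of bytes accepted, or -1 when the
 * packet is rejected. */
int rx_copy_checked(const uint8_t *payload, size_t len, char *out, size_t out_cap)
{
    if (out_cap == 0 || len >= out_cap)  /* leave room for the terminator */
        return -1;
    memcpy(out, payload, len);
    out[len] = '\0';
    return (int)len;
}

/* The receive event of the detected node, rewritten around the checked copy. An
 * over-long test case from step (4) is now dropped instead of smashing the stack. */
int rx_handle_safe(const uint8_t *payload, size_t len)
{
    char buf[RX_BUF];
    int n = rx_copy_checked(payload, len, buf, sizeof buf);
    if (n < 0) {
        printf("dropped %zu-byte packet: exceeds %d-byte buffer\n", len, RX_BUF);
        return -1;
    }
    printf("safe handler got: %s\n", buf);
    return n;
}

int main(void)
{
    /* Constructed packets: a normal one and an over-long one like the test case of step (4). */
    const uint8_t normal[] = "hello";
    uint8_t oversize[40];
    memset(oversize, 'A', sizeof oversize);
    rx_handle_safe(normal, sizeof normal - 1);
    rx_handle_safe(oversize, sizeof oversize);
    return 0;
}
```

The check treats `len == RX_BUF` as a rejection, not an acceptance: the terminator needs its own byte, and an off-by-one here is the usual residue left after a hasty `strncpy` fix.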
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (4)
1. A system for detecting buffer overflow vulnerabilities in the source code of a sensor network, characterised in that the system is provided with the following two devices:
the overflow vulnerability analysis device, which performs buffer overflow analysis on source code in the sensor network and is provided with three modules, security threat locating, taint analysis and test case generation, connected in sequence; the security threat locating module scans the source code, locates the security threat functions in it and submits the scan result to the taint analysis module; the taint analysis module performs taint analysis on the security threat functions and judges whether a buffer overflow security threat exists, so as to decide whether the buffer overflow vulnerability needs to be tested with a test case; the test case generation module constructs the trigger condition of the buffer overflow vulnerability in the source code, solves it to generate the corresponding test case and submits the test case to the overflow vulnerability testing device for testing;
the overflow vulnerability testing device, which tests whether buffer overflow vulnerabilities exist in the source code according to the test cases from the overflow vulnerability analysis device and reports the test results so that improvement measures can be taken on unsafe code; the device is provided with a detecting end and a detected end, the detecting end being a sensor node on which the test case is installed and which sends the test data that triggers the buffer overflow vulnerability to the detected end, and the detected end being a sensor node on which the source code to be detected is installed and which receives the test data sent by the detecting end; whether the corresponding source code has a buffer overflow vulnerability is judged from the behaviour of the detected end after the data is received, and the corresponding detection result is then reported.
2. The system of claim 1, wherein the source code comprises a source program written in the C language and in NesC, a component-based language that extends C.
3. A detection method of the sensor network source code buffer overflow vulnerability detection system, characterized in that the method comprises the following operation steps:
(1) inputting source code of the sensor network into the overflow vulnerability analysis device;
(2) the security threat locating module in the overflow vulnerability analysis device scans the source code and judges whether a security threat function exists; if not, the detection method ends; if it does, the security threat function in the source code is located and submitted to the taint analysis module; this step comprises:
(21) the security threat locating module is preloaded with a threat function set consisting of the receive functions of the selected sensor network communication protocols: because external, untrusted data received by a sensor node in the wireless sensor network is a source of security threats, every possible receive function is defined as a threat function, and these functions form the threat function set;
(22) the security threat locating module scans the source code and extracts all functions defined or called in it to form a source code function set;
(23) the function names in the source code function set are compared one by one with the function names in the threat function set; if a name matches, the function name and its line number in the source code are recorded and these parameters are sent to the taint analysis module; otherwise, the detection process ends;
(3) the taint analysis module performs taint propagation analysis on the located security threat function, that is, it tracks the flow of taint data and uses taint propagation theory to analyse whether a taint propagation phenomenon occurs inside the threat function; if not, the detection method ends; if it does, the source code is judged to possibly contain a buffer overflow security threat and the buffer overflow vulnerability proceeds to be tested with a test case; this step comprises:
(31) according to the security threat function and its position, the taint analysis module collects the data received by the sensor node to form the initial taint data set, the injection point of the taint data being the position of the threat function;
(32) starting from the injection point of each item of taint data, the taint analysis module extracts the source and destination operands of each instruction in turn, adds elements to or removes them from the taint data set according to taint propagation theory, and judges whether a taint propagation phenomenon occurs; if it does, a buffer overflow security threat may exist in the source code and the instruction positions at which taint propagates are recorded; otherwise, the detection method ends;
(4) the test case generation module constructs the trigger condition of the source code buffer overflow vulnerability, solves it to generate a test case and submits the test case to the overflow vulnerability testing device for testing; this step comprises:
(41) constructing the path constraint condition: the test case generation module computes, on a program flow chart of the threat function, the path condition from the taint data injection point to the taint propagation position; it marks the line number of the program instruction at the start of the threat function in the source code, represents each kind of program branch (sequence, selection and loop structures) with a basic unit structure to generate the program control flow chart, enumerates all paths in the flow chart from the taint injection point to the taint propagation position, and computes the path constraint condition for each of them;
(42) constructing the necessary condition for buffer overflow: to test the buffer overflow vulnerability, a section of overlong taint data containing a jump address and shellcode is constructed, where the jump address overwrites the return address of the threat function so that, when the threat function finishes executing, control returns to the jump address, i.e. jumps to the shellcode address and executes it; the shellcode is the segment of executable code to be injected;
(43) solving the constraint conditions: a test case satisfying the source code buffer overflow condition is solved and generated from the path constraint condition and the necessary condition for buffer overflow obtained in the two preceding steps;
(5) in the overflow vulnerability testing device, the source code under test is installed on the detected end and the test case on the detection end; the detection end then sends the test case data to the detected end, whether the source code has a buffer overflow vulnerability is judged from the behaviour of the detected end after it receives the test case data, and the corresponding notice of the test result is issued.
4. The method of claim 3, wherein the selected sensor network communication protocols comprise the active message (AM) protocol, the Zigbee protocol and the IPv6 over low-power wireless personal area network (6LoWPAN) protocol.
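The pipeline of claim 3, steps (2) through (5), run end to end on a constructed NesC-style receive handler. This is an added example and not the patent's implementation: the threat function names, the hand-lowered instruction list that stands in for a compiler front end, the buffer size, the return-address offset, the jump address, the shellcode bytes and the 28-byte frame limit are all assumptions of the example. Two checks a practitioner would add are included: the solved length is padded up to the distance needed to reach the saved return address, and a test case that would not fit in one protocol frame is rejected rather than handed to the detection end, since the detected end would never receive the overflowing data.

```python
import re
import struct

# (21) Assumed threat-function set: receive entry points of AM, Zigbee and
# 6LoWPAN stacks. Placeholder names for this example, not the patent's list.
THREAT_FUNCTIONS = {"Receive.receive", "zb_receive", "lowpan_input"}

# Constructed NesC-style handler (not from the patent): it copies an
# attacker-chosen number of bytes into a 16-byte stack buffer.
SOURCE = """\
event message_t* Receive.receive(message_t* msg, void* payload, uint8_t len) {
  uint8_t buf[16];
  uint8_t i = 0;
  if (len > 4) {
    while (i < len) { buf[i] = ((uint8_t*)payload)[i]; i++; }
  }
  return msg;
}
"""
BUF_SIZE = 16            # sizeof(buf) in the handler above
LEN_DOMAIN = range(256)  # len is uint8_t
MAX_PAYLOAD = 28         # assumed AM payload limit (TinyOS default TOSH_DATA_LENGTH)

def locate_threat_functions(source, threat_set=THREAT_FUNCTIONS):
    """Steps (22)-(23): defined/called names intersected with the threat set."""
    hits = []
    for lineno, line in enumerate(source.splitlines(), start=1):
        for name in re.findall(r"\b([A-Za-z_][\w.]*)\s*\(", line):
            if name in threat_set:
                hits.append((name, lineno))
    return hits

# Hand-lowered three-address form of the handler body (an assumption standing
# in for a compiler front end): (source line, opcode, destination, sources).
IR = [
    (3, "const",  "i",   []),
    (4, "branch", None,  ["len"]),           # if (len > 4)
    (5, "branch", None,  ["i", "len"]),      # while (i < len)
    (5, "load",   "tmp", ["payload", "i"]),  # tmp = payload[i]
    (5, "store",  "buf", ["tmp", "i"]),      # buf[i] = tmp
    (5, "add",    "i",   ["i"]),             # i++
]

def propagate_taint(ir, initial):
    """Step (32): taint flows source->destination; a tainted store is a site."""
    tainted, sites = set(initial), []
    for line, op, dst, srcs in ir:
        if dst is None:              # branches carry no data flow here
            continue
        if any(s in tainted for s in srcs):
            tainted.add(dst)
            if op == "store":
                sites.append((line, dst))
        else:
            tainted.discard(dst)     # overwritten with clean data
    return tainted, sites

# (41) path condition from injection point to the store; (42) overflow
# condition: the loop writes len bytes into a BUF_SIZE-byte buffer.
PATH_CONSTRAINTS = [lambda n: n > 4]
OVERFLOW_CONDITION = lambda n: n > BUF_SIZE

def solve_length(path=PATH_CONSTRAINTS, overflow=OVERFLOW_CONDITION,
                 domain=LEN_DOMAIN):
    """(43) smallest len satisfying all constraints; enumeration stands in
    for an SMT solver and is enough for an 8-bit variable."""
    for n in domain:
        if all(c(n) for c in path) and overflow(n):
            return n
    return None

RET_OFFSET = 18              # assumed distance from buf[0] to the saved return address
JUMP_ADDR = 0x1100           # assumed address of buf on a 16-bit target
SHELLCODE = b"\x4f\x4e\x4d"  # placeholder bytes, not real instructions
FILLER = b"\x41"

def build_test_case(min_len, ret_offset=RET_OFFSET, jump=JUMP_ADDR,
                    shellcode=SHELLCODE, mtu=MAX_PAYLOAD):
    """(42)-(43) shellcode where buf starts, filler up to the saved return
    address, then the little-endian jump address; None if it exceeds the MTU."""
    data = shellcode.ljust(ret_offset, FILLER) + struct.pack("<H", jump)
    data = data.ljust(min_len, FILLER)
    return data if len(data) <= mtu else None

def detected_end_receive(data):
    """Step (5) model of the detected end: reports the copy loop's bound
    violation explicitly instead of performing the copy."""
    length = len(data) & 0xFF    # len is a uint8_t on the node
    return "buffer overflow" if length > 4 and length > BUF_SIZE else "ok"

def run_pipeline(source=SOURCE):
    """Steps (2)-(5) in order; None means the method ended early."""
    hits = locate_threat_functions(source)
    tainted, sites = propagate_taint(IR, initial=["payload", "len"])
    n = solve_length() if hits and sites else None
    if n is None:
        return None
    case = build_test_case(n)
    return {"threat": hits[0], "site": sites[0], "len": n, "case": case,
            "result": detected_end_receive(case) if case else "undeliverable"}
```

Calling `run_pipeline()` returns the located threat function, the propagation site at source line 5, the solved length of 17 and the 20-byte test case. The return-address offset and jump address are target-specific: in practice they come from the compiled node image and its stack layout, not from the source alone, which is why the patent's detected end confirms the overflow by running the test case on a real node.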
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011100524520A CN102129538B (en) | 2011-03-04 | 2011-03-04 | System and method for detecting buffer overflow vulnerability of source code of sensor network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102129538A CN102129538A (en) | 2011-07-20 |
CN102129538B true CN102129538B (en) | 2013-05-08 |
Family
ID=44267619
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2011100524520A Expired - Fee Related CN102129538B (en) | 2011-03-04 | 2011-03-04 | System and method for detecting buffer overflow vulnerability of source code of sensor network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102129538B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3019994A4 (en) * | 2013-07-12 | 2017-05-10 | Hewlett-Packard Enterprise Development LP | Analyzing target software for security vulnerabilities |
CN104809391B (en) * | 2014-01-26 | 2018-08-14 | 华为技术有限公司 | Buffer overflow attack detection device, method and security protection system |
CN104021084A (en) * | 2014-06-19 | 2014-09-03 | 国家电网公司 | Method and device for detecting defects of Java source codes |
CN104462973B (en) * | 2014-12-18 | 2017-11-14 | 上海斐讯数据通信技术有限公司 | The dynamic malicious act detecting system and method for application program in mobile terminal |
CN105718799B (en) * | 2015-09-10 | 2020-07-14 | 哈尔滨安天科技集团股份有限公司 | Method and system for identifying file overflow vulnerability |
CN107729747A (en) * | 2017-11-10 | 2018-02-23 | 中国科学院软件研究所 | A kind of heap overflow detection method towards binary program |
CN110661804B (en) * | 2019-09-29 | 2021-12-31 | 南京邮电大学 | Stain analysis vulnerability detection method for firewall |
CN111506900B (en) * | 2020-04-15 | 2023-07-18 | 抖音视界有限公司 | Vulnerability detection method and device, electronic equipment and computer storage medium |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101482846A (en) * | 2008-12-25 | 2009-07-15 | 上海交通大学 | Bug excavation method based on executable code conversed analysis |
CN101551842A (en) * | 2009-05-05 | 2009-10-07 | 天津大学 | Safety test method based on model driving |
CN101908006B (en) * | 2010-07-30 | 2011-12-14 | 北京理工大学 | GCC abstract syntax tree-based buffer overflow vulnerability detection method |
Timeline: 2011-03-04, application CN2011100524520A filed in China (patent CN102129538B); current status: Expired - Fee Related.
Also Published As
Publication number | Publication date |
---|---|
CN102129538A (en) | 2011-07-20 |
Legal Events
Code | Title | Description
---|---|---
C06 | Publication |
PB01 | Publication |
C10 | Entry into substantive examination |
SE01 | Entry into force of request for substantive examination |
C14 | Grant of patent or utility model |
GR01 | Patent grant |
C17 | Cessation of patent right |
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 2013-05-08; termination date: 2014-03-04