{"title":"基于动态二进制平台的漏洞样本分析","authors":"Wenjuan Bu, Fei Kang, Yuntian Zhao, Jianbo Xu","doi":"10.1145/3510858.3511010","DOIUrl":null,"url":null,"abstract":"Based on the existing vulnerability exploitation detection technology, this paper analyzes the buffer overflow vulnerability exploitation process, and detects vulnerability triggering, protection mechanism bypassing and shellcode execution by dynamic binary instrumentation (DBI) monitoring program execution process; According to the analysis of vulnerability sample shellcode behavior, the method of recording instruction information and key API function information is designed based on instrumentation API function; A prototype platform of vulnerability sample transplantation and utilization based on dynamic binary is designed and implemented, and test analysis of 40 typical vulnerability samples is carried out to verify the effectiveness and feasibility of the system.","PeriodicalId":6757,"journal":{"name":"2021 IEEE 3rd International Conference on Civil Aviation Safety and Information Technology (ICCASIT)","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2021-12-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Vulnerability Sample Analysis Based on Dynamic Binary Platform\",\"authors\":\"Wenjuan Bu, Fei Kang, Yuntian Zhao, Jianbo Xu\",\"doi\":\"10.1145/3510858.3511010\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Based on the existing vulnerability exploitation detection technology, this paper analyzes the buffer overflow vulnerability exploitation process, and detects vulnerability triggering, protection mechanism bypassing and shellcode execution by dynamic binary instrumentation (DBI) monitoring program execution process; According to the analysis of vulnerability sample shellcode behavior, the method of recording instruction information and key API function information is designed based on instrumentation API function; A prototype platform of vulnerability sample transplantation and utilization based on dynamic binary is designed and implemented, and test analysis of 40 typical vulnerability samples is carried out to verify the effectiveness and feasibility of the system.\",\"PeriodicalId\":6757,\"journal\":{\"name\":\"2021 IEEE 3rd International Conference on Civil Aviation Safety and Information Technology (ICCASIT)\",\"volume\":\"1 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE 3rd International Conference on Civil Aviation Safety and Information Technology (ICCASIT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3510858.3511010\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE 3rd International Conference on Civil Aviation Safety and Information Technology (ICCASIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3510858.3511010","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Vulnerability Sample Analysis Based on Dynamic Binary Platform
Based on the existing vulnerability exploitation detection technology, this paper analyzes the buffer overflow vulnerability exploitation process, and detects vulnerability triggering, protection mechanism bypassing and shellcode execution by dynamic binary instrumentation (DBI) monitoring program execution process; According to the analysis of vulnerability sample shellcode behavior, the method of recording instruction information and key API function information is designed based on instrumentation API function; A prototype platform of vulnerability sample transplantation and utilization based on dynamic binary is designed and implemented, and test analysis of 40 typical vulnerability samples is carried out to verify the effectiveness and feasibility of the system.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
