Software patch comparison technology through semantic analysis on function

Software patch comparison technology through semantic analysis on function

Patch comparison provides support for software vulnerability,and structural comparison has been developed.Based on summarizing binary files comparison and anti-comparison methods,comparison technology was proposed by semantic analysis on function to address the issue that structural comparison canno...

Full description

Saved in:
Bibliographic Details
Main Authors: Yan CAO, Long LIU, Yu WANG, Qingxian WANG
Format: Article
Language:English
Published: POSTS&TELECOM PRESS Co., LTD 2019-10-01
Series:网络与信息安全学报
Subjects:
vulnerability analysis
patch comparison
symbolic execution
semantic analysis
Online Access:http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2019051
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Patch comparison provides support for software vulnerability,and structural comparison has been developed.Based on summarizing binary files comparison and anti-comparison methods,comparison technology was proposed by semantic analysis on function to address the issue that structural comparison cannot carry on semantic analysis.Through traditional structural comparison,syntax differences in function-level were analyzed to find the maximum common subgraph.Then,the path cluster was built between the input and output of the function depend on program dependency analysis.Function output characteristics was established based on symbolic execution.Semantic differences of functions were compared by functional summaries.Based on the maximum isomorphic subgraph,the matched functions which there are possible semantic changes between was further analyzed.Ultimately,the experimental results showed the feasibility and advantages of the proposed method.
ISSN:2096-109X

Similar Items