A Vulnerability Detection Method Based on Random Detection Algorithm and Information Aggregation

doi:10.3969/j.issn.1671-1122.2019.01.001

Abstract

Abstract:

As the complexity of computer software continues to grow, the security of software architectures continues to decline. Due to the high coupling of software modules, the number of software vulnerabilities has increased dramatically. The detection and protection technologies of security vulnerabilities have gradually become key research directions in the field of network security. However, the existing vulnerability detection methods have many shortcomings. Fuzzy testing technology consumes a lot of time, and there is no fast vulnerability scanning method for large-scale binary programs in the industry. Based on machine learning method, this paper uses a random detection algorithm to extract lightweight static features of decompiled programs, and aggregates parameters in the process of extracting dynamic features. Text-CNN, Logistic and random forest algorithms are used to train dynamic and static features respectively. Experiments show that this method can effectively detect vulnerabilities in binary programs.

Key words: vulnerability detection, feature extraction, machine learning

CLC Number:

TP309

Weiping WEN, Jingwei LI, Yingnan JIAO, Hailin LI. A Vulnerability Detection Method Based on Random Detection Algorithm and Information Aggregation[J]. Netinfo Security, 2019, 19(1): 1-7.

Figures/Tables 8

References 18

[1]	RAWAT S, MOUNIER L.Finding Buffer Overflow Inducing Loops in Binary Executables[C]// IEEE.IEEE Sixth International Conference on Software Security and Reliability, June 20-22, 2012, Gaithersburg, MD, USA.NJ: IEEE, 2012:177-186.
[2]	SONG Yuanyuan, Sovarel A N, YANG Jing. Detection and Prevention of Memory Corruption Attacks[EB/OL]..
[3]	WANG Xiajing, HU Changzhen, MA Rui, et al.A Survey of the Key Technology of Binary Program Vulnerability Discovery[J].Netinfo Security,2017,17(8):1-13.
	王夏菁, 胡昌振, 马锐, 等. 二进制程序漏洞挖掘关键技术研究综述[J]. 信息网络安全, 2017, 17(8): 1-13.
[4]	VIEGA J, BLOCH J T, KOHNO Y, et al.ITS4: A static Vulnerability Scanner for C and C++ code[C]// IEEE. 16th Annual Computer Security Applications Conference (ACSAC'00), December 11-15, 2000, New Orleans, LA, USA.NJ:IEEE, 2000:257-267.
[5]	Google Inc. and Cpplint Developers. Cpplint[EB/OL]..
[6]	THENAULT S. Pylint—Code Analysis for Python[EB/OL].,2018-9-20.
[7]	EVANS D, LAROCHELLE D.Improving Security Using Extensible Lightweight Static Analysis[J]. IEEE Software, 2002, 19(1):42-51.
[8]	YAMAGUCHI F, GOLDE N, ARP D, et al.Modeling and Discovering Vulnerabilities with Code Property Graphs[C]// IEEE. 2014 IEEE Symposium on Security and Privacy, May 18-21, 2014, San Jose, CA, USA.NJ:IEEE, 2014:590-604.
[9]	XU Youfu, WEN Weiping, WAN Zhengsu.Vulnerability-based Model Checking of Security Vulnerabilities Mining Method[J].Netinfo Security, 2011, 11(8): 72-75.
	徐有福;文伟平;万正苏. 基于漏洞模型检测的安全漏洞挖掘方法研究[J]. 信息网络安全, 2011, 11(8): 72-75.
[10]	CAI Jun, ZOU Peng, MA Jinxin, et al.SwordDTA: A Dynamic Taint Analysis Tool for Software Vulnerability Detection[J]. Journal of Wuhan University, 2016, 21(1):10-20.
[11]	ZHANG Xiong, LI Zhoujun.Review of Fuzzy Testing Technology[J].Computer Science, 2016, 43(5):1-8.
	张雄, 李舟军. 模糊测试技术研究综述[J]. 计算机科学, 2016, 43(5):1-8.
[12]	CADAR C, DUNBAR D, ENGLER D.KLEE: Unassisted and Automatic Generation of High-coverage Tests for Complex Systems Programs[C]//ACM. The 8th USENIX Conference on Operating Systems Design and Implementation, December 8 - 10, 2008 , San Diego, California ,USA. New York:ACM,2009:209-224.
[13]	WANG T, WEI Tao, GU Guofei, et al.TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection[C]// IEEE. 2010 IEEE Symposium on Security and Privacy, May 16-19 ,2010, Berkeley/Oakland, CA, USA.NJ:IEEE, 2010:497-512.
[14]	SEN K, AGHA G.CUTE and jCUTE: Concolic Unit Testing and Explicit Path Model-Checking Tools[C]// ACM. The 18th International Conference on Computer Aided Verification, August 17 - 20, 2006, Seattle, WA,USA.New York:ACM, 2006:419-423.
[15]	SANTOS I, DEVESA J, BREZO F, et al.OPEM: A Static-Dynamic Approach for Machine-Learning-Based Malware Detection[M]//Springer. International Joint Conference CISIS’12-ICEUTE´12-SOCO´12 Special Sessions. Heidelberg :Springer Berlin Heidelberg, 2013:271-280.
[16]	YAMAGUCHI F, LINDNER F, RIECK K.Vulnerability Extrapolation: Assisted Discovery of Vulnerabilities using Machine Learning[C]//ACM. The 5th USENIX Conference on Offensive Technologies , August 8-12, 2011, San Francisco, CA ,USA.New York:ACM,2012:13.
[17]	Springer. Transactions on Rough Sets[M]. Heidelberg: Springer-Verlag Berlin Heidelberg, 2008.
[18]	GRIECO G, GRINBLAT G L, UZAL L, et al.Toward Large-Scale Vulnerability Discovery Using Machine Learning[C]// ACM. The Sixth ACM Conference on Data and Application Security and Privacy , March 9 - 11, 2016, New Orleans, Louisiana, USA.New York:ACM, 2016:85-96.

实验环境	硬件	配置
硬件环境	CPU	2.5 GHz Intel Core i76700
	内存	8 GB 1600 MHz DDR3
	GPU	GTX 1080Ti
软件环境	Docker	17.12.0-ce
	Ubuntu	16.04.3LTS
	python	2.7.13
	Sklearn	0.19
	cudnn	5.1
	cuda	8.0
	keras	1.2.0
	Nvidiadriver	384

分类器	特征集	精确率	召回率	F1
Logistic回归	静态	0.332	0.523	0.406
随机森林	静态	0.383	0.568	0.457
Text-CNN	静态	0.572	0.208	0.305
Logistic回归	动态	0.342	0.432	0.381
随机森林	动态	0.401	0.543	0.461
Text-CNN	动态	0.421	0.552	0.478
随机预测	—	0.08	0.08	0.08