A Systematic Review of Binary Program Vulnerabilities Feature Extraction and Discovery Strategy Generation Methods

Abstract

At present, the cyber security situation has turned increasingly serious across the globe. The cyberspace has become the fifth domain of various nations following the four domains of land, sea, sky and outer space. It is gradually obvious for the cyber attacks to collectivize and nationalize. Under this circumstance, as the first line of defense in maintaining cyber security defense, the control on the vulnerabilities is extremely significant. In consideration of the problem of low discovering efficiency in current vulnerability fuzzy testing discovery methods, this paper intends to explore the binary program vulnerability feature extraction and vulnerability discovery guiding strategy generation methods. Then, the extraction of the program control flow and data flow information and slicing operation are obtained according to program logic. Depending on a potential assessment model of binary program vulnerabilities based on the main hierarchy analysis method, the paper achieves a reasonable assessment of the potential of vulnerabilities in different slices of the program. Finally, in accordance with the evaluation results, a generation method for the vulnerability discovery path is proposed to improve the efficiency of binary program vulnerability discovery.