一种基于虚拟执行与判定覆盖结合的Flash漏洞检测方法

发布时间：2018-05-30 14:08

本文选题：Flash + 漏洞检测　；参考：《中南大学学报(自然科学版)》2013年12期

【摘要】：基于Flash在网络上应用十分广泛,但一直以来不断出现许多严重的安全问题,提出并实现一种基于虚拟执行与判定覆盖相结合的Flash漏洞检测方法。对于待检测的Flash文件,通过对其进行反编译得到ActionScript代码;然后,分析其类结构,根据分析的结果生成多个虚拟执行流程,每个虚拟流程是对某一段代码的虚拟执行;最后,将虚拟流程的执行结果与漏洞规则进行匹配以判断是否包含漏洞。测试结果表明:所提出的漏洞检测方法具有误判率低、执行效率高的特点。
[Abstract]:Flash is widely used in network, but there are many serious security problems all the time. A Flash vulnerability detection method based on virtual execution and decision overlay is proposed and implemented. For the Flash file to be detected, the ActionScript code is obtained by decompiling it; then, the class structure is analyzed and several virtual execution processes are generated according to the results of the analysis, each virtual process is a virtual execution of a certain piece of code; finally, The execution result of the virtual process is matched with the vulnerability rule to determine whether the vulnerability is included. The test results show that the proposed vulnerability detection method has the characteristics of low error rate and high execution efficiency.
【作者单位】：中南大学信息科学与工程学院;湖南省公安消防总队;
【基金】：国家自然科学基金资助项目(61202494,61202341) 湖南省科技计划重点项目(2011GK2008) 新世纪优秀人才支持计划项目(NCET-10-0798) 金属矿山安全技术国家重点实验室开放基金资助项目(2012KFJJ02)
【分类号】：TP393.08

【参考文献】