基于反汇编技术的嵌入式软件缺陷静态检测研究

发布时间：2018-03-19 00:26

本文选题：嵌入式软件　切入点：二进制　出处：《杭州电子科技大学》2013年硕士论文　论文类型：学位论文

【摘要】：随着微时代的到来，嵌入式软件发展受到广泛的关注，但软件缺陷问题也越来越凸显。软件缺陷问题可能会给社会带来经济等各方面的损失，而且大部分的嵌入式软件都有高可靠性和高安全性的要求，因此，需要针对嵌入式软件进行缺陷检测。目前，市场上的大部分商业软件以二进制代码的形式出现，如何判定二进制程序中是否具有安全缺陷是一个亟待解决的问题。当前X86平台下的二进制代码缺陷检测系统相对成熟，而基于嵌入式平台（如ARM平台）缺陷检测系统还不够成熟。反汇编技术是基于二进制代码的嵌入式软件缺陷检测工作中的重要一环，但专门针对嵌入式软件缺陷检测的反汇编算法和相关技术较少。另一方面，与动态分析相比，静态分析能够较全面的覆盖系统代码，为动态分析提供相应的程序结构，减少了一定的工作量。本文利用反汇编技术，开展了基于二进制代码的嵌入式软件缺陷静态检测研究，主要研究点和创新点在于： 1、总结分析了嵌入式软件缺陷检测方法，对现有的缺陷检测流程进行分析总结，分析了ARM的编码特点，详细阐述了嵌入式软件缺陷静态检测方法，包括反汇编、数据流分析、控制流分析等。 2、设计了一个基于二进制代码的嵌入式软件缺陷检测系统。定义和设计了系统的功能模块，阐述了各个模块在该系统的作用和相互之间的联系，根据模块之间的联系提出了该系统的体系结构。 3、针对缺陷检测需要解决的主要问题，设计了反汇编实现的总体方案，实现了静态指令分析模块中的反汇编过程。提出了一种递归—线性扫描的反汇编算法，，然后，通过实验验证了算法的正确性和结果的可读性，最后对反汇编代码覆盖率做了比较分析。 4、利用反汇编技术设计了基于BinNavi平台的缺陷检测模型。在反汇编的基础上，借助BinNavi平台和Postgres数据库平台的支撑，设计并实现了一个新的缺陷检测模型，并以越界非法访问为例证明了该检测模型和缺陷检测算法的有效性。
[Abstract]:With the micro era, embedded software development has attracted wide attention, but the problem of software is becoming more and more prominent. The problem of software defect may bring economic and other aspects of the loss to the society, and most of the embedded software has high reliability and high security requirements, so the need for embedded software defect detection. At present, most of the commercial software on the market appears in the form of binary code, how to determine whether the binary program has a security flaw is a problem to be solved. The two code defect detection system based on X86 platform is relatively mature, and based on the embedded platform (ARM platform) defect detection system is not mature enough. Assembly technology is the binary code embedded software defects detection based on an important part of the work, but specifically for embedded software defect detection counter Assembly algorithm and related technology are few. On the other hand, compared with dynamic analysis, static analysis can cover the system code more comprehensively, and provide corresponding program structure for dynamic analysis, and reduce workload.
In this paper, the research on static detection of embedded software defects based on binary code is carried out by disassembly technology. The main research points and innovation points are as follows:
1, we summarize and analyze the embedded software defect detection methods, analyze the existing defect detection process, analyze the coding characteristics of ARM, and elaborate the static detection methods of embedded software defects, including disassembly, data flow analysis, control flow analysis and so on.
2, a binary software based embedded software defect detection system is designed. The functional modules of the system are defined and designed, and the roles of each module in the system and their relations are discussed. Based on the relationship between modules, the architecture of the system is proposed.
3, in view of the main problems need to solve the defect detection, overall design of the disassembly realization, realizes the static instruction analysis of disassembly process module. A recursive linear sweep disassembly algorithm, then, readability and correctness of the algorithm is verified by the experimental results, at the end of the counter the rate of assembly code to do a comparative analysis of coverage.
4, the use of disassembly technology to design defect detection model based on the BinNavi platform. Based on the disassembly of BinNavi platform and Postgres database platform through the design and implementation of a new defect detection model, and to cross-border illegal access to prove the validity of the measurement model and defect detection algorithm for inspection cases.

【学位授予单位】：杭州电子科技大学
【学位级别】：硕士
【学位授予年份】：2013
【分类号】：TP311.53;TP368.1

【参考文献】