基于结构特征的二进制代码安全缺陷分析模型

针对现有方法检测复杂结构二进制代码安全缺陷的不足，提出新的分析模型，并给出其应用方法。首先以缺陷的源代码元素集合生成特征元素集合，抽取代码结构信息，构建分析模型。然后依据各类中间表示（IR,intermediate representation）语句的统计概率计算分析模型，查找满足特征模型的IR代码组，通过IR代码与二进制代码的转换关系，实现对二进制程序中代码安全缺陷的有效检测。分析模型可应用于二进制单线程程序和并行程序。实验结果表明，相对于现有方法，应用该分析模型能够更全面深入地检测出各类结构复杂的二进制代码安全缺陷，且准确率更高。

Analysis model of binary code security flaws based on structure characteristics

Aiming at the shortcomings of the existing methods to detect the security flaws that have complex structures,a new analysis model and its application method was proposed.First,analysis models based on key information of code structures extracted from path subsets of characteristic element sets that are generated by source code element sets of code security flaws were constructed.Then the analysis model according to the statistical probability of each kind of IR statement was calculated,and the IR code group which matched the feature model was found.Finally,through the translating relation between binary codes and IR codes,various code security flaws of binary program were found out.The analysis models can be applied to both common single-process binary programs and binary parallel programs.Experimental results show that compared with the existing methods,the application of the analysis model can be more comprehensive and in-depth in detecting various types of complex binary code security flaws with higher accuracy.