计算机科学与探索 ›› 2021, Vol. 15 ›› Issue (9): 1619-1631.DOI: 10.3778/j.issn.1673-9418.2008083

• 学术研究 • 上一篇    下一篇

基于代码克隆检测的操作系统脆弱性分析方法

汪哲,任怡,周凯,管剑波,谭郁松   

  1. 国防科学技术大学 计算机学院,长沙 410073
  • 出版日期:2021-09-01 发布日期:2021-09-06

Operation System Vulnerabilities Analysis Based on Code Clone Detection

WANG Zhe, REN Yi, ZHOU Kai, GUAN Jianbo, TAN Yusong   

  1. College of Computer, National University of Defense Technology, Changsha 410073, China
  • Online:2021-09-01 Published:2021-09-06

摘要:

基于代码克隆检测技术进行软件脆弱性检测,是软件脆弱性静态分析中的一个重要方向。目前,已有软件脆弱性检测工具在面向大规模代码集的脆弱性检测方面存在不足,且缺乏针对操作系统脆弱性的优化。为此,基于代码克隆检测技术,提出了一种操作系统脆弱性检测方法。首先在一般的“代码表征—提取特征—特征比对”检测流程的基础上,加入了基于操作系统软件包类型和函数代码规模的预筛选机制,在进行代码表征之前排除大部分无关代码。其次选择函数基本信息、符号序列和控制流路径三个角度提取代码特征,逐级比较脆弱代码和待测代码的相似度。最后从公开脆弱性数据库获取脆弱样本,对典型开源操作系统进行了实验,结果显示预筛选能够有效缩减实验对象的代码规模,而检测结果的平均精确度达到了84%。

关键词: 脆弱性检测, 代码克隆, 操作系统, 代码特征, 静态分析

Abstract:

Software vulnerability detection based on code clone detection technology is an important direction in the static analysis of software vulnerability. At present, the existing software vulnerability detection tools have deficie-ncies in the vulnerability detection for large-scale code sets, and lack of optimization for the vulnerability characte-ristics of the operating system. Therefore, based on the code clone detection technology, this paper proposes a method for detecting the vulnerability of the operating system. Firstly, on the basis of the general “code representation-extracting features-feature comparison” detection process, a pre-screening mechanism based on the type of operating system software package and function code size is added to exclude most irrelevant code before performing code representation. Secondly, the basic information of the function, the label sequence and the control flow path are selected to extract the code features, and the similarity between the fragile code and the code under test is compared step by step. Finally, experiments are conducted on typical open source operating systems with fragile samples obtained from the public vulnerability database. The results show that the pre-screening can effectively reduce the code size of the test subjects, and the average accuracy of the detection results reaches 84%.

Key words: vulnerability detection, code clone, operating system, code feature, static analysis