
Research On Key Techniques Of CPU Vulnerability Detection Test

Posted on: 2020-04-19
Degree: Master
Type: Thesis
Country: China
Candidate: X X Li
GTID: 2428330620953244
Subject: Computer technology
Abstract/Summary:

Recently, with the rapid increase in the number of CPU vulnerabilities and the extent of the harm they cause, more attention has been paid to research on CPU vulnerabilities. However, due to its complexity, this research is still at a preliminary level and lacks mature CPU vulnerability detection methods and tools. Generally, existing CPU vulnerabilities can be divided into two categories by scope: CPU vulnerabilities at the design-based layer and CPU vulnerabilities at the instruction set-based layer. Current research on CPU vulnerabilities has focused on detection and defense. However, existing CPU vulnerability detection tools are incomplete in their coverage, and instruction set-based CPU vulnerability detection tools suffer from low search efficiency and a high false alarm rate.

To address these problems, this paper studies the key technologies of CPU vulnerability detection. For CPU vulnerabilities at the design-based layer, this paper gives a comprehensive and systematic analysis of the existing vulnerabilities and proposes a CPU vulnerability detection method based on their characteristics. For CPU vulnerabilities at the instruction set-based layer, this paper proposes a fuzz testing method for the instruction set, together with an instruction format identification method that improves efficiency and reduces false positives. The main contents are summarized as follows:

1. To address the incomplete coverage of existing CPU vulnerability detection tools, this paper designs two detection methods, one for CPU vulnerabilities at the design-based layer and one for the instruction set layer. The first, a detection method based on CPU vulnerability characteristics, solves the problem that the triggers of design-layer CPU vulnerabilities are scattered and difficult to merge and analyze, and it extends the application surface compared with existing detection tools. The second, an instruction set-based detection method, remedies the defects of existing instruction set testing methods and provides a better solution for CPU instruction set testing. Finally, a complete and targeted CPU vulnerability detection tool is formed by combining the two tools.

2. To address the low search efficiency of conventional instruction set-based methods, this paper proposes an efficient instruction set search method built on instruction format identification. The method first uses a modern disassembler to acquire the internal structure of an instruction, then applies a search strategy that reduces the test weight and filters out inefficient test instructions, which ultimately improves test efficiency.

3. To address the high false alarm rate in instruction set testing, we propose a suspicious instruction recheck mechanism based on an analysis of suspicious instructions that turn out to be false positives. With the recheck mechanism, suspicious instructions are filtered and the false alarm rate is reduced. To address the high memory cost of instruction set testing, the paper optimizes the algorithm logic based on an analysis of instruction formats, reducing the load of the undocumented instruction search process and ultimately improving the overall efficiency of the test.

4. We design and implement the CPU vulnerability detection system CPU-VUL-Detector and give a detailed description of its implementation, which consists of two subsystems. The two subsystems were each evaluated for function and performance. Experimental results show that CPU-VUL-ISA needs less time and less space when searching for specific instructions, and that it lowers the false alarm rate to some degree while reducing the memory load.
Keywords/Search Tags: CPU security, vulnerability detection, undocumented instruction, vulnerability feature