Research On Binary Firmware Vulnerability Detection Method Based On Similarit

While Io T firmware devices bring convenience to life,the network security problems brought about by its vulnerabilities are also becoming more and more serious.On the one hand,the firmware functional components that play an important role usually come from a large number of open source software,and the vulnerabilities in open source software will cause large-scale vulnerability propagation.On the other hand,firmware operating platforms are diversified,and traditional vulnerability detection methods require firmware to run,making them unsuitable for large-scale rapid detection.Therefore,binary code vulnerability detection technology based on similarity technology has attracted great attention from academia and business circles.However,the current similarity-based binary function similarity solution,on the one hand,suffers from coarse-grained vulnerability descriptions and faces the challenge of high vulnerability false positive rate;on the other hand,it cannot identify security vulnerabilities triggered by cross-functions,and lacks fine-grained vulnerabilities.Due to the filtering mechanism,existing solutions have certain limitations in practical applications.In the above background,this paper combines binary code representation technology,binary code data dependency analysis technology and binary semantic similarity detection technology to conduct research on firmware vulnerability detection methods.The main work content and research results of this paper are as follows:1.Aiming at the lack of coarse-grained vulnerability feature description in the current binary similarity scheme,a fine-grained binary vulnerability detection method is proposed starting from the internal code fragment of a single function that triggers the vulnerability.Methods Taking the dangerous API called by the function as the research object,with the help of data dependency analysis technology,the API name and API parameter slice sequence are represented as vulnerability features,and a vulnerability similarity comparison model is constructed.Experimental results show that the model has high accuracy in vulnerability detection.2.Aiming at the problem that the current scheme cannot identify cross-function vulnerabilities,this paper analyzes the data dependencies of function key statements,extracts function similarity features and function vulnerability features,and proposes a multi-feature binary code vulnerability detection method.Methods By identifying the variable reference behavior and variable assignment behavior of key statements,tracking the data dependencies that affect the above behavior,combined with the inter-function call graph,to achieve cross-function multi-feature extraction.Experimental results show that the model has a high performance index in vulnerability detection.