在思科互联网操作系统( Cisco IOS)中,系统安全漏洞已经成为信息安全风险的主要根源之一,全面发现与及时修补IOS的漏洞非常必要。为此,提出一种基于细粒度污点分析的启发式模糊测试方法。给出细粒度污点传播规则的形式化描述,以及基于细粒度污点分析的安全敏感操作判定规则,为获取启发式信息提供依据;采用启发式测试用例生成的方法,设计并实现Cisco IOS漏洞挖掘原型系统CTaintMiner,测试结果表明,系统具备较好的漏洞挖掘能力,验证了启发式模糊测试方法的有效性。%Cisco Internet Operating System ( IOS ) is an operating system running on Cisco routing and switching equipment. Its security is very important. As the system security vulnerability becomes one of the main causes of information security risk,to discover and timely repair vulnerabilities in IOS is very necessary. A heuristic fuzzing method based on fine-grained taint analysis is proposed. Fine-grained taint propagation rules are presented in formal description. Judgment rules based on fine-grained taint analysis are proposed,providing the basis to acquire heuristic information. A method to generate heuristic test cases is proposed. It designs and develops a vulnerability mining prototype system named CTaintMiner for Cisco IOS. The mining system is used to do practical tests,and results show that CTaintMiner mining system has a better ability to do vulnerability mining and verifies the validity of the test method.
展开▼
