Affiliation:
1. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, 450001 Henan, China
Abstract
Software vulnerability mining is an important component of network attack and defense technology. To address the high false negative and false positive rates of existing static analysis methods, this paper proposes a static analysis vulnerability detection technique for source code based on data fusion. By parsing the analysis results of different detection methods and fusing the data, the technique can effectively reduce both the false positive rate and the false negative rate. A prototype of a scalable source code static analysis tool is designed and implemented, which can be automatically optimized through user feedback. Finally, an example is given to demonstrate how to uncover buffer overflow software vulnerabilities in the helpctr program based on reverse engineering techniques. The experimental results show that the false positive and false negative rates are significantly reduced compared to individual vulnerability detection methods.
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Information Systems
Cited by
1 article.