For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Binary Oriented Vulnerability Analyzer Based on Hidden Markov Model
Hao BAI Chang-zhen HU Gang ZHANG Xiao-chuan JING Ning LI
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2010/12/01
Online ISSN: 1745-1361
Print ISSN: 0916-8532
Type of Manuscript: LETTER
Category: Dependable Computing
executable program, binary, double precision analysis, vulnerability instruction library, Hidden Markov Model,
Full Text: PDF(118.9KB)>>
The letter proposes a novel binary vulnerability analyzer for executable programs that is based on the Hidden Markov Model. A vulnerability instruction library (VIL) is primarily constructed by collecting binary frames located by double precision analysis. Executable programs are then converted into structurized code sequences with the VIL. The code sequences are essentially context-sensitive, which can be modeled by Hidden Markov Model (HMM). Finally, the HMM based vulnerability analyzer is built to recognize potential vulnerabilities of executable programs. Experimental results show the proposed approach achieves lower false positive/negative rate than latest static analyzers.