Branch coverage guided symbolic execution for hybrid fuzz testing of software binaries
US-2019384697-A1 · Dec 19, 2019 · US
US11119892B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11119892-B2 |
| Application number | US-202016829593-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 25, 2020 |
| Priority date | Jul 16, 2019 |
| Publication date | Sep 14, 2021 |
| Grant date | Sep 14, 2021 |
Official abstract text for this publication.
The present disclosure provides a method, apparatus, device and computer-readable storage medium for guiding symbolic execution. According to embodiments of the present disclosure, it is possible to determine the specific code region of the program, and obtain the program loop output of the program corresponding to the specific code region of the program by using the program inverse analysis method, so that it is possible to obtain the program loop input of the program corresponding to the specific code region by using the program loop predictor according to the program loop output of the program. In this way, the obtained program loop input of the program corresponding to the specific code region may be used to guide the symbolic execution to filter out impossible execution paths and jump out of the program code and reach the specific code region, thereby improving the reliability of the symbolic execution.
Opening claim text (preview).
What is claimed is:
1. A method for guiding symbolic execution, wherein the method comprises: determining a specific code region of a program; obtaining a program loop output of the program corresponding to the specific code region of the program by using a program inverse analysis method; and obtaining a program loop input of the program corresponding to the specific code region by using a program loop predictor according to the program loop output of the program, wherein the program loop predictor is obtained by: obtaining a program state before a first iteration operation in the program loop and a program state after each iteration operation by using abstract interpretation; taking the program state before each iteration operation and the program state after the iteration operation as a piece of training data; and building the program loop predictor based on a Recurrent Neural Network (RNN) by using at least two pieces of training data composed of the program state.
2. The method according to claim 1, wherein the determining the specific code region of the program comprises: determining the specific code region of the program by using abstract interpretation.
3. The method according to claim 1, wherein the specific code region of the program comprises a code region where a bug point of the program lies.
4. The method according to claim 1, wherein the building the program loop predictor based on the RNN by using the at least two pieces of training data comprises: performing embedding processing for the program state in the at least two pieces of training data to obtain a state vector; and building the program loop predictor based on the RNN by using the at least two pieces of training data after the embedding processing.
5. A device comprising: one or more processors; a storage for storing one or more programs, the one or more programs, when executed by the one or more processors, cause the one or more processors to implement a method for guiding symbolic execution, wherein the method comprises: determining a specific code region of a program; obtaining a program loop output of the program corresponding to the specific code region of the program by using a program inverse analysis method; and obtaining a program loop input of the program corresponding to the specific code region by using a program loop predictor according to the program loop output of the program, wherein the program loop predictor is obtained by: obtaining a program state before a first iteration operation in the program loop and a program state after each iteration operation by using abstract interpretation; taking the program state before each iteration operation and the program state after the iteration operation as a piece of training data; and building the program loop predictor based on a Recurrent Neural Network (RNN) by using at least two pieces of training data composed of the program state.
6. The device according to claim 5, wherein the determining the specific code region of the program comprises: determining the specific code region of the program by using abstract interpretation.
7. The device according to claim 5, wherein the specific code region of the program comprises a code region where a bug point of the program lies.
8. The device according to claim 5, wherein the building the program loop predictor based on the RNN by using the at least two pieces of training data comprises: performing embedding processing for the program state in the at least two pieces of training data to obtain a state vector; and building the program loop predictor based on the RNN by using the at least two pieces of training data after the embedding processing.
9. A non-transitory computer-readable storage medium on which a computer program is stored, wherein the program, when executed by a processor, implements a method for guiding symbolic execution, wherein the method comprises: determining a specific code region of a program; obtaining a program loop output of the program corresponding to the specific code region of the program by using a program inverse analysis method; and obtaining a program loop input of the program corresponding to the specific code region by using a program loop predictor according to the program loop output of the program, wherein the program loop predictor is obtained by: obtaining a program state before a first iteration operation in the program loop and a program state after each iteration operation by using abstract interpretation; taking the program state before each iteration operation and the program state after the iteration operation as a piece of training data; and building the program loop predictor based on a Recurrent Neural Network (RNN) by using at least two pieces of training data composed of the program state.
10. The non-transitory computer-readable storage medium according to claim 9, wherein the determining the specific code region of the program comprises: determining the specific code region of the program by using abstract interpretation.
11. The non-transitory computer-readable storage medium according to claim 9, wherein the specific code region of the program comprises a code region where a bug point of the program lies.
12. The non-transitory computer-readable storage medium according to claim 9, wherein the building the program loop predictor based on the RNN by using the at least two pieces of training data comprises: performing embedding processing for the program state in the at least two pieces of training data to obtain a state vector; and building the program loop predictor based on the RNN by using the at least two pieces of training data after the embedding processing.
Recurrent networks, e.g. Hopfield networks · CPC title
Learning methods · CPC title
characterised by memory or gating, e.g. long short-term memory [LSTM] or gated recurrent units [GRU] · CPC title
Supervised learning · CPC title
using diagnostics (G06F11/0703 takes precedence) · CPC title