
Computer Engineering

• Security Technology •

Python Attack Script Analysis Platform Based on Symbolic Execution

QIU Yang, WANG Yijun, XUE Zhi

  1. (College of Information Security, Shanghai Jiaotong University, Shanghai 200240, China)
  • Received: 2015-10-15 Online: 2016-11-15 Published: 2016-11-15
  • About the authors: QIU Yang (b. 1991), female, master's student, main research interest: network security; WANG Yijun, lecturer, Ph.D.; XUE Zhi, professor, doctoral supervisor.
  • Funding:
    Research project of the China Information Technology Security Evaluation Center (CNITSEC-KY-2013-009/2).

Abstract: Most traditional static analysis methods cannot accurately handle the interaction between a script and the network, and they introduce unreachable paths. Dynamic analysis requires setting up an experimental environment and analyzing by hand. To solve these problems, this paper proposes PyExZ3+, a Python attack script analysis platform based on symbolic execution. Through dynamic symbolic execution and path exploration of a Python script, it obtains the input traffic that triggers the attack and the corresponding output attack payload, which makes automated analysis of Python attack scripts possible. PyExZ3+ uses optimization strategies such as loop identification and run-time solver optimization so that the program reaches the target code faster, improving the path coverage and the efficiency of symbolic execution. Experimental results show that PyExZ3+ has higher path coverage and execution efficiency than existing symbolic execution tools such as CHEF and PyExZ3. In addition, PyExZ3+ can dynamically detect the target script's payload and perform feasible automated analysis efficiently.

Key words: symbolic execution, Python language, dynamic analysis, test data generation, attack script, path exploration
