陈千  等:函数级数据依赖图及其在静态脆弱性分析中的应用                                                    3435


                [20]    Shoshitaishvili  Y,  Wang R, Hauser C,  et  al. Firmalice-automatic detection of  authentication bypass vulnerabilities in binary
                     firmware. In: Proc. of the NDSS. 2015.
                [21]    Cheng S, Yang J, Wang J, et al. Loongchecker: Practical summary-based semi-simulation to detect vulnerability in binary code. In:
                     Proc. of the IEEE Conf. on Trust Security and Privacy in Computing and Communications. 2011. 150−159.
                [22]    Shoshitaishvili Y, Wang R, Salls C, et al. (State of) The art of war: Offensive techniques in binary analysis. In: Proc. of the IEEE
                     S&P. 2016. 138−157.
                [23]    Angr, a binary analysis framework. 2016. http://angr.io/index.html
                [24]    OWASP Foundation, Inc. OWASP  embedded  application security. 2017. https://owasp.org/www-project-embedded-application-
                     security/
                [25]    Schwartz EJ, Avgerinos T, Brumley D. All you ever wanted to know about dynamic taint analysis and forward symbolic execution
                     (but might have been afraid to ask). In: Proc. of the IEEE S&P. 2010. 317−331.
                [26]    Wang  TL.  Research on binary-executable-oriented software vulnerability detection [Ph.D.  Thesis].  Beijing:  Peking  University,
                     2011 (in Chinese with English abstract).
                [27]    Hex-rays. 2016. https://www.hex-rays.com
                [28]    Bellard F. QEMU, a fast and portable dynamic translator. In: Pai V, ed. Proc. of the USENIX Annual Technical Conf. Berkeley:
                     USENIX Association, 2005. 41−46.
                [29]    Wu SH, Wang W, Zhao X. Revealing the Art of 0 Day Mining in Home Router. Beijing: Publishing House of Electronics Industry,
                     2015 (in Chinese).

                 附中文参考文献:
                  [2]  吴世忠,郭涛,董国伟.软件漏洞分析技术.北京:科学出版社,2014.
                 [16]  杨轶,苏璞睿,应凌云,冯登国.基于行为依赖特征的恶意代码相似性比较方法.软件学报,2011,22(10):2438−2453. http://www.jos.
                     org.cn/1000-9825/3888.htm [doi: 10.3724/SP.J.1001.2011.03888]
                 [26]  王铁磊.面向二进制程序的漏洞挖掘关键技术研究[博士学位论文].北京:北京大学,2011.
                 [29]  吴少华,王炜,赵旭.揭秘家用路由器 0day 漏洞挖掘技术.北京:电子工业出版社,2015.



                              陈千(1993－),男,硕士,主要研究领域为嵌                      朱红松(1973－),男,博士,研究员,博士生
                              入式设备安全.                                      导师,CCF 高级会员,主要研究领域为物联
                                                                           网安全,漏洞分析,网络测绘,安全大数据
                                                                           分析.

                              程凯(1991－),男,博士生,主要研究领域为                      孙利民(1966－),男,博士,研究员,博士生
                              物联网安全,二进制固件的脆弱性分析.                           导师,CCF 杰出会员,主要研究领域为物联
                                                                           网及其安全,工业控制系统安全,区块链
                                                                           安全.


                              郑尧文(1990－),男,博士,主要研究领域为
                              物联网安全,固件逆向分析与漏洞挖掘.