Method and system for mining Java deserialization vulnerability utilization chain
The invention provides a Java deserialization vulnerability utilization chain mining method and system, and the method comprises the steps: carrying out the static analysis of a target Java application code and a software development kit thereof, and obtaining the first type of information of the ta...
Saved in:
| Main Authors | , , , |
|---|---|
| Format | Patent |
| Language | Chinese English |
| Published |
26.05.2023
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Summary: | The invention provides a Java deserialization vulnerability utilization chain mining method and system, and the method comprises the steps: carrying out the static analysis of a target Java application code and a software development kit thereof, and obtaining the first type of information of the target Java application code and the second type of information of the software development kit; constructing a method relation graph according to each method included in the first type of information and the second type of information; aiming at each known Java deserialization vulnerability utilization chain stored in the knowledge base, taking an entry point of the known Java deserialization vulnerability utilization chain as a search starting point, taking a trigger point of the known Java deserialization vulnerability utilization chain as a search end point, and searching the method relation graph to obtain a search result; and obtaining a Java deserialization vulnerability utilization chain initial mining result |
|---|---|
| Bibliography: | Application Number: CN202310206039 |