公开(公告)号：US20240340298A1

公开(公告)日：2024-10-10

申请号：US18475471

申请日：2023-09-27

Applicant: Huazhong University of Science and Technology

Inventor： Bin YUAN ,  Huan LIU ,  Jiajun REN ,  Qunjinming CHEN ,  Deqing ZOU ,  Hai JIN

IPC: H04L9/40

CPC classification number: H04L63/1425 ,  H04L63/166

Abstract: A method and system for recognizing TLS fingerprints based on finite-state machines is provided, wherein the system at least includes: a model inference module, for learning state machine models of target TLS implementations according to mapping information sent by a message mapping module; a fingerprint extracting module, for analyzing the state machine models and extracting multi-level fingerprints of the target TLS implementations; and a version recognizing module, for verifying the multi-level fingerprints for validity and/or recognizing version information of unknown TLS implementations. As compared to other network protocol identification systems, the present disclosure can identify and judge fine-grained information such as the specific implementation type and version of the specific TLS implementation. At the same time, the inventive method is highly automated, thereby ensuring good usability and scalability.

公开(公告)号：US20250077683A1

公开(公告)日：2025-03-06

申请号：US18650308

申请日：2024-04-30

Applicant: Huazhong University of Science and Technology

Inventor： Bin YUAN ,  Zijing XU ,  Tiancheng HU ,  Yueming WU ,  Deqing ZOU ,  Hai JIN

IPC: G06F21/57 ,  G06F21/56

Abstract: The present disclosure relates to a system and method for vulnerability localization based on deep learning, which comprises, at a minimum, a processor configured to: analyze a code file under detection to obtain a first abstract syntax tree devoid of semantic information; build upon the first abstract syntax tree by incorporating data-flow edges and/or control-flow edges, thereby forming a second abstract syntax tree with semantic-flow enhancement; split the second abstract syntax tree to obtain a plurality of second abstract syntax sub-trees; and input these second abstract syntax sub-trees into a pre-established vulnerability detection and localization model. Compared with existing code vulnerability detection methods, the present disclosure employs a semantically-enhanced abstract syntax tree and finely-grained segmentation thereof, enabling both the efficient detection and accurate localization of code vulnerabilities, characterized by swift detection rates, low false positive rates, and commendable interpretability of the detection results.