Submitted: 2017-11-10 Revised: 2017-12-11
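Chinese abstract (translated): Software and system vulnerabilities are an important strategic resource for national cyberspace security. Some core technologies of China's critical infrastructure and important information systems are controlled by others, and the widespread presence of software and system vulnerabilities cannot be eradicated in the short term, so in-depth, large-scale, intelligent vulnerability mining research is needed. With the spread of new technologies and applications in fields such as the mobile Internet, industrial control networks and the Internet of Things, the existing system of vulnerability mining and analysis techniques cannot meet the new requirements. In addition, the resources of China's vulnerability research teams are relatively scattered and a national-level collaboration mechanism for vulnerability research has not yet formed, which makes it difficult to support national control of vulnerabilities as a strategic resource. Guided by the goal of improving the nation's ability to control vulnerability strategic resources, and in view of the current state of software and system vulnerability research, four major problems urgently need to be solved: weak intelligence in vulnerability mining and analysis, low accuracy of monitoring under large traffic flows, difficulty of harm assessment and verification, and lack of large-scale collaboration capability. Research is carried out around these four problems. First, intelligent mining methods and key techniques for software and system vulnerabilities, including construction methods for a fuzzy inference experience base, gene map-based vulnerability mining methods, the intelligent guidance optimization problem, and strategy-based vulnerability identification methods. Second, analysis and exploitability determination techniques for software and system vulnerabilities, including vulnerability root-cause analysis, construction of abnormal program paths, homologous vulnerability analysis, vulnerability exploitability determination, and construction of a multi-scenario vulnerability analysis platform. Third, network traffic-based vulnerability analysis and detection techniques, including detection of vulnerability attack samples using dynamic and static methods, development of a prototype system for automated detection of software vulnerability attack samples, deep inspection and intelligent identification of suspected network attack traffic, automated analysis and precise verification of network attack samples, and an attack traffic-oriented vulnerability detection and comprehensive service platform. Fourth, vulnerability harm assessment and verification techniques, including hardware virtualization-based dynamic taint analysis, automatic vulnerability exploitation, development of a virtual environment-based automated vulnerability verification system, and a vulnerability harm assessment framework and harm assessment algorithms. Fifth, research and application of large-scale collaborative vulnerability mining and analysis techniques, including multi-task multi-engine adaptive balanced large-scale vulnerability mining, multi-dimensional multi-task intelligent collaboration, open and collaborative knowledge reuse, an integrated platform for large-scale collaborative vulnerability discovery across multiple computing environments, vulnerability mining, analysis and exploitability assessment under large-scale collaboration, and application validation of the integrated platform in typical industries. Through this research, innovations are realized in five aspects: first, fixed-pattern review of the gene map, that is, intelligent vulnerability mining based on gene map construction and reuse of experiential knowledge; second, multi-source analysis and polymorphic exploitation, that is, polymorphic exploitability assessment based on multi-source vulnerability analysis; third, combined dynamic and static intention deduction, that is, attack detection in large-traffic environments based on correlating data-driven analysis with behavior cognition; fourth, state slice overlay reproduction, that is, construction of a living vulnerability library; fifth, intelligent connection with iterative adaptation, that is, multi-task multi-engine adaptive balanced large-scale vulnerability mining. Finally, a large-scale collaborative platform integrating vulnerability mining, analysis, monitoring, assessment and verification is built, forming an ecosystem of knowledge reuse, intelligent connection and open collaboration, and providing technical support for the nation to take stock of its cyberspace security and reverse its passive position in the attack-defense game.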
Abstract: Vulnerabilities in software and systems are an important resource for national cyberspace security. At present, some key techniques of Chinese critical infrastructures and significant information systems are controlled by other countries. The ubiquity of vulnerabilities in software and systems cannot be eliminated in a short while. Therefore, it is necessary to carry out in-depth, large-scale, intelligent vulnerability mining research. With the popularization of new technologies and applications in the fields of mobile Internet, industrial control networks and the Internet of Things, the existing technical architecture of vulnerability mining and analysis cannot meet the new requirements. Besides, China's vulnerability research teams are relatively fragmented and collaboration mechanisms at the national level have not yet been established, which makes it difficult to support the country's control of vulnerability resources. In view of the current situation of software and system vulnerability research, four major problems urgently need to be solved in order to enhance the country's ability to control the strategic resources of vulnerabilities: 1) the weak intelligence of vulnerability mining; 2) the low monitoring accuracy under large traffic flows; 3) the difficulty of hazard assessment and verification; 4) the lack of large-scale collaborative ability. Focusing on the four major problems above, this paper carries out the following five aspects of research. 1) Intelligent vulnerability mining methods and key techniques for software and systems, including the construction method of a fuzzy inference experience base, the gene map-based method of vulnerability mining, the intelligence-guided optimization problem, and the strategy-based method of vulnerability identification. 2) Techniques for analyzing vulnerabilities in software and systems and determining whether they can be exploited, including techniques for analyzing the causes of vulnerabilities, techniques for constructing abnormal program paths, techniques for analyzing homologous vulnerabilities, techniques for determining the exploitability of vulnerabilities, and the construction of a multi-scenario vulnerability analysis platform. 3) Network traffic-based techniques for analyzing and detecting vulnerabilities, including: techniques to detect vulnerability attack samples with dynamic and static methods, development of a prototype system to automatically detect software vulnerability attack samples, techniques to detect and identify suspected network attack traffic, automatic analysis and precise verification of network attack samples, and an attack traffic-oriented platform offering vulnerability detection and comprehensive services. 4) Techniques to evaluate and verify vulnerability damage, including: hardware virtualization-based dynamic taint analysis techniques, techniques to automatically exploit vulnerabilities, development of a virtual environment-based system to automatically verify vulnerabilities, and the system and algorithm to evaluate the damage of vulnerabilities. 5) The study and application of large-scale cooperative vulnerability mining techniques, including: multi-tasking multi-engine adaptive large-scale vulnerability mining techniques; multi-dimensional multi-tasking intelligent collaborative techniques; open and collaborative techniques to reuse knowledge; the study of a multi-computing-environment-oriented integration platform for large-scale collaborative vulnerability mining; vulnerability mining, analysis and exploitability evaluation techniques under large-scale collaborative conditions; and the verification of the large-scale collaborative vulnerability mining integration platform in typical industries. With the research mentioned above, the project realizes innovation in the following five aspects: 1) fixed-pattern review of the gene map, in detail, intelligent vulnerability mining techniques based on gene map construction and knowledge reuse; 2) multi-source analysis and polymorphic exploitation, in detail, techniques to evaluate polymorphic exploitability based on multi-source vulnerability analysis; 3) combined dynamic and static intention deduction, in detail, data-driven and behavior recognition-based techniques to detect attacks in large traffic flows; 4) state slice overlay reproduction, in detail, techniques to build the living vulnerability library; 5) iterative adaptation of intelligent connection, in detail, multi-tasking multi-engine adaptive large-scale vulnerability mining techniques. Finally, a large-scale collaborative platform integrating vulnerability mining, analysis, monitoring, evaluation and verification is built. It forms an ecosystem with knowledge reuse, intelligent connectivity and open collaboration, which provides technical support for our country to find out the security circumstances of cyberspace and reverse the passive situation in the game of attack and defense.
Keywords: vulnerabilities in software and system; intelligence mining; exploitable inference; safety monitoring of large flow; vulnerability assessment; large-scale collaboration
Article ID: 201701043 CLC number: Document code:
Funding: National Key Research and Development Program of China (2017YFB0802900)
Author Name | Affiliation |
RAO Zhihong | China Electronics Technol. Cyber Security Co., Ltd., Chengdu 610041, China |
FANG Enbo | China Electronics Technol. Cyber Security Co., Ltd., Chengdu 610041, China |
About the author: RAO Zhihong (1970-), male, senior engineer (researcher level). Research interest: network security. E-mail: charao@tom.com
Cite this article:
RAO Zhihong, FANG Enbo. Research Plan and Achievements Prospects for the Analysis and Discovery Technology of Vulnerabilities in Software and System[J]. Advanced Engineering Sciences, 2018, 50(1): 9-21.