面向源程序(Source Code)漏洞挖掘的研究历史已经相当悠久并取得显著进

展。然而，出于商业利益、知识产权保护等原因，大部分软件厂商不对外提供源

程序；有些厂商虽然提供了源程序，但源程序和实际系统之间的对应关系无从验

证。另外，源程序级的漏洞分析也无法发现编译、链接过程引入的漏洞。因此直

接面向二进制程序的安全漏洞挖掘研究具有重要的意义。-Mining history-oriented source code (Source Code) vulnerability has been quite long and has made significant progress

Show. However, for commercial interests, intellectual property protection and other reasons, the majority of software vendors to not provide the source

Procedures　Although some manufacturers provide a source, but the correspondence between the source and the actual system is unable to experience

Card. In addition, source-level vulnerability analysis can not find the compile and link process introduced vulnerabilities. Therefore, direct

Access to the security vulnerabilities of the binary-oriented mining research is of great significance.