Survey of Automatic Software Vulnerability Exploitation

Wu Zehui; Wei Qiang; Wang Xinlei; Wang Yunchao; Yan Chenyu; Chen Jing

doi:10.7544/issn1000-1239.202220410

Journal of Computer Research and Development > 2024 > 61(9): 2261-2274. > DOI: 10.7544/issn1000-1239.202220410 CSTR: 32373.14.issn1000-1239.202220410

Wu Zehui, Wei Qiang, Wang Xinlei, Wang Yunchao, Yan Chenyu, Chen Jing. Survey of Automatic Software Vulnerability Exploitation[J]. Journal of Computer Research and Development, 2024, 61(9): 2261-2274. DOI: 10.7544/issn1000-1239.202220410

Citation:

PDF (1780 KB)

Survey of Automatic Software Vulnerability Exploitation

1.
State Key Laboratory of Mathematical Engineering and Advanced Computing (Strategic Support Force Information Engineering University ), Zhengzhou 450001
2.
School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou 450001

Funds: This work was supported by the National Key Research and Development Program of China (2019QY0501).

More Information

Author Bio:
Wu Zehui: born in 1988. PhD, lecturer. His mian research interest includes software and system vulnerability analysis

Wei Qiang: born in 1979. PhD, professor, PhD supervisor. His main research interests include software security analysis and industrial control system security

Wang Xinlei: born in 1990. Bachelor, assistant engineer. Her main research interest includes software security analysis

Wang Yunchao: born in 1992. PhD, lecturer. His main research interest includes software and system vulnerability analysis

Yan Chenyu: born in 1996. Master, teaching assistant. Her main research interest includes software security analysis

Chen Jing: born in 1999. Master. Her main research interest includes software security analysis
Received Date: May 20, 2022
Revised Date: December 18, 2023
Accepted Date: March 05, 2024
Available Online: March 06, 2024

Graphical Abstract

Abstract

Abstract

In recent years, the number of software vulnerabilities has increased sharply and its harmfulness has aroused widespread concern in society. Compiling vulnerability utilization code accurately, efficiently and quickly is the key to vulnerability damage assessment and vulnerability repairment. At present, the vulnerability exploitation code mainly relies on manual analysis and writing, which is inefficient. Therefore, how to realize automatic vulnerability exploitation code generation (AEG) is a hotspot and difficulty in software security research field. In this paper, we analyze the representative achievements in this field in recent 30 years. Firstly, we divide the vulnerability automatic utilization process into four typical segments: vulnerability root location, reachable path search, vulnerability primitive generation and utilization code generation. After that we sort out and select the typical work of the above achievements from the three perspectives of human-machine boundary, attack and defense game, and common basic technology. And on this basis, we define the key points, difficulties and phased achievements of the current research. Finally, from the gap between the existing achievements and the practical application of automatic exploit generation, we discuss the bottleneck problems existing in the current research, the future development trend of AEG, and the next research points we should focus on.
- software security,
- vulnerability analysis,
- automatic exploit,
- exploit generation,
- vulnerability root cause

FullText(HTML)

References (74)

References

[1]	Lu Hui, Jin Chengjie, Helu Xiaohan, et al. Research on intelligent detection of command level stack pollution for binary program analysis[J]. Mobile Networks and Applications, 2021(4): 1723−1732
[2]	Hu Ning, Tian Zhihong, Lu Hui, et al. A multiple-kernel clustering based intrusion detection scheme for 5G and IoT networks[J]. International Journal of Machine Learning and Cybernetics, 2021, 12(11): 1−16
[3]	Pan Menghai, Huang Weixiao, Li Yanhua, et al. DHPA: Dynamic human preference analytics framework: A case study on taxi drivers’ learning curve analysis[J]. ACM Transactions on Intelligent Systems, 2020, 11(1): 1−19
[4]	One A. Smashing the stack for fun and profit[J]. Phrack Magazine, 1996, 7(49): 14−16
[5]	Brumley D, Poosankam P, Song D, et al. Automatic patch-based exploit generation is possible: Techniques and implications[C]//Proc of the 2008 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2008: 143−157
[6]	Heelan S. Automatic generation of control flow hijacking exploits for software vulnerabilities[D]. Oxford, UK: University of Oxford , 2009
[7]	Cha S K, Avgerinos T, Rebert A, et al. Unleashing Mayhem on binary code[C]//Proc of the 2012 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2012: 380−394
[8]	Wang Minghua, Su Purui, Li Qi, et al. Automatic polymorphic exploit generation for software vulnerabilities[C]//Proc of the 9th Int Conf on Security and Privacy in Communication Systems. Berlin: Springer, 2013: 216−233
[9]	Avgerinos T, Cha S K, Rebert A, et al. Automatic exploit generation[J]. Communications of the ACM, 2014, 57(2): 74−84 doi: 10.1145/2560217.2560219
[10]	Hu Hong, Zheng Leongchua, Adrian S, et al. Automatic generation of data-oriented exploits[C]//Proc of the 24th USENIX Security Symp. Berkeley, CA: USENIX Association, 2015: 177−192
[11]	Schwartz E J, Avgerinos T, Brumley D. Q: Exploit hardening made easy[C]//Proc of the 20th USENIX Security Symp. Berkeley, CA: USENIX Association, 2011: 25−41
[12]	Huang S K, Huang M H, Huang P Y, et al. CRAX: Software crash analysis for automatic exploit generation by modeling attacks as symbolic continuations[C]//Proc of the 6th IEEE Int Conf on Software Security and Reliability. Piscataway, NJ: IEEE, 2012: 78−87
[13]	He Liang, Cai Yan, Hu Hong, et al. Automatically assessing crashes from heap overflows[C]//Proc of the 32nd IEEE/ACM Int Conf on Automated Software Engineering (ASE). Piscataway, NJ: IEEE, 2017: 274−279
[14]	Wang Yan, Zhang Chao, Xiang Xiaobo, et al. Revery: From proof-of-concept to exploitable[C]//Proc of the 2018 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2018: 1914−1927
[15]	李超,胡建伟,崔艳鹏. 基于符号执行的缓冲区溢出漏洞自动化利用[J]. 计算机应用与软件,2019,36(9):327−333 Li Chao, Hu Jianwei, Cui Yanpeng. Automated exploitation of buffer overflow vulnerabilities based on symbolic execution[J]. Computer Application and Software, 2019, 36(9): 327−333(in Chinese)
[16]	Wu Wei, Chen Yueqi, Xu Jun, et al. FUZE: Towards facilitating exploit generation for kernel use-after-free vulnerabilities[C]//Proc of the 27th USENIX Security Symp. Berkeley, CA: USENIX Association, 2018: 781−797
[17]	Chen Yueqi, Lin Zhenpeng, Xing Xinyu. A systematic study of elastic objects in kernel exploitation[C]//Proc of the 2020 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2020: 1165−1184
[18]	Liguori P, Al-Hossami E, Cotroneo D, et al. Shellcode_IA32: A dataset for automatic shellcode generation[J]. arXiv preprint, arXiv: 2104.13100, 2021
[19]	Yang Guang, Chen Xiang, Zhou Yanlin, et al. DualSC: Automatic generation and summarization of shellcode via transformer and dual learning[C]//Proc of the 29th IEEE Int Conf on Software Analysis Evolution and Reengineering (SAER 2022). Piscataway, NJ: IEEE, 2022: 361−372
[20]	Lu Hui, Jin Chengjie, Helu Xiaohan, et al. AutoD: Intelligent blockchain application unpacking based on JNI layer deception call[J]. IEEE Network, 2020, 35(2): 215−221
[21]	Khandait P, Hubballi N, Mazumdar B. IoTHunter: IoT network traffic classification using device specific keywords[J]. IET Networks, 2021, 10(2): 59−75 doi: 10.1049/ntw2.12007
[22]	Martin M C, Lam M S. Automatic generation of XSS and SQL injection attacks with goal-directed model checking[C]//Proc of the 17th USENIX Security Symp. Berkeley, CA: USENIX Association, 2008: 31−44
[23]	MICROFOST. The history of the !exploitable crash analyzer[EB/OL]. 2009[2023-10-15]. http://blogs.technet.com/b/srd/archive/2009/04/08/the-history-of-the-exploitable-crash-analyzer/
[24]	Miller C, Caballero J, Johnson N M, et al. Crash analysis with BitBlaze[J/OL]. 2010[2022-08-07]. https://media.blackhat.com/bh-us-10/whitepapers/Miller/BlackHat-USA-2010-CMiller-BitBlaze-wp.pdf
[25]	Bisht P, Hinrichs T, Skrupsky N, et al. WAPTEC: Whitebox analysis of web applications for parameter tampering exploit construction[C]//Proc of the 18th ACM Conf on Computer and Communications Security. New York: ACM, 2011: 575−586
[26]	Huang S K, Lu H L, Leong W M, et al. Craxweb: Automatic web application testing and attack generation[C]//Proc of the 7th IEEE Int Conf on Software Security and Reliability. Piscataway, NJ: IEEE, 2013: 208−217
[27]	李晓琦,刘奇旭,张玉清. 基于模拟攻击的内核提权漏洞自动利用系统[J].中国科学院大学学报,2015,32(3):384-390 Li Xiaoqi, Liu Qixu, Zhang Yuqing. An automatic exploit system for kernel power lifting vulnerabilities based on simulated attacks[J]. Journal of the University of Chinese Academy of Sciences, 2015, 32(3): 384−390 (in Chinese)
[28]	Zhang Puhan, Wu Jianxiong, Wang Xin, et al. Program crash analysis based on taint analysis[C]//Proc of the 9th Int Conf on P2P, Parallel, Grid, Cloud and Internet Computing. Piscataway, NJ: IEEE, 2014: 492−498
[29]	Do Q H, Bubel R, Hähnle R. Exploit generation for information flow leaks in object-oriented programs[C]//Proc of the 30th Int Information Security and Privacy Conf. Berlin: Springer, 2015: 401−415
[30]	Ruffell M, Hong J B, Kim H, et al. Towards automated exploit generation for embedded systems[C]//Proc of the 17th Int Workshop on Information Security Applications. Berlin: Springer, 2016: 161−173
[31]	Alhuzali A, Eshete B, Gjomemo R, et al. Chainsaw: Chained automated workflow-based exploit generation[C]//Proc of the 2016 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2016: 641−652
[32]	Hu Hong, Shinde S, Adrian S, et al. Data-oriented programming: On the expressiveness of non-control data attacks[C]//Proc of the 2016 IEEE Symp on Security and Privacy (SP). Piscataway, NJ: IEEE, 2016: 969−986
[33]	Shoshitaishvili Y, Wang Ruoyu, Salls C, et al. Sok: State of the art of war: Offensive techniques in binary analysis[C]//Proc of the 2016 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2016: 138−157
[34]	Luo Lannan, Zeng Qiang, Cao Chen, et al. System service call-oriented symbolic execution of android framework with applications to vulnerability discovery and exploit generation[C]//Proc of the 15th Annual Int Conf on Mobile Systems, Applications, and Services. New York: ACM, 2017: 225−238
[35]	Repel D, Kinder J, Cavallaro L. Modular synthesis of heap exploits[C]//Proc of the 2017 Workshop on Programming Languages and Analysis for Security. New York: ACM, 2017: 25−35
[36]	Brooks T N. Survey of automated vulnerability detection and exploit generation techniques in cyber reasoning systems[C]//Proc the 2018 Science and Information Conf. Berlin: Springer, 2018: 1083−1102
[37]	万云鹏,邓艺,石东辉,等. 基于符号执行的自动利用生成系统[J]. 计算机系统应用,2017,26(10):44−52 Wan Yunpeng, Deng Yi, Shi Donghui, et al. Automatic utilization generation system based on symbolic execution[J]. Computer Systems Applications, 2017, 26(10): 44−52 (in Chinese)
[38]	Garcia J, Hammad M, Ghorbani N, et al. Automatic generation of inter-component communication exploits for Android applications[C]//Proc of the 11th Joint Meeting on Foundations of Software Engineering. New York: ACM, 2017: 661−671
[39]	Bao T, Wang Ruoyu, Shoshitaishvili Y, et al. Your exploit is mine: Automatic shellcode transplant for remote exploits[C]//Proc of the 2017 IEEE Symp on Security and Privacy(SP). Piscataway,NJ:IEEE,2017:824−839
[40]	Lu Kangjie, Walter M T, Pfaff D, et al. Unleashing use-before-initialization vulnerabilities in the Linux kernel using targeted stack spraying[C]//Proc of 2017 Network and Distributed System Security Symp. San Diego, CA: Internet Society, 2017: 125−136
[41]	Xu Luhang, Jia Weixi, Dong Wei, et al. Automatic exploit generation for buffer overflow vulnerabilities[C]//Proc of the 2018 IEEE Int Conf on Software Quality, Reliability and Security Companion (QRS-C). Piscataway, NJ: IEEE, 2018: 463−468
[42]	Krupp J, Rossow C. teEther: Gnawing at ethereum to automatically exploit smart contracts[C]//Proc of the 27th USENIX Security Symp. Berkeley, CA: USENIX Association, 2018: 1317−1333
[43]	Zhang Rui, Deutschbein C, Huang Peng, et al. End-to-end automated exploit generation for validating the security of processor designs[C]//Proc of the 51st Annual IEEE/ACM Int Symp on Microarchitecture (MICRO). Piscataway, NJ: IEEE, 2018: 815−827
[44]	Liu Danjun, Wang Jingyuan, Rong Zelin, et al. Pangr: A behavior-based automatic vulnerability detection and exploitation framework[C]//Proc of the 17th IEEE Int Conf on Trust, Security and Privacy in Computing and Communications. Piscataway, NJ: IEEE, 2018: 705−712
[45]	Alhuzali A, Gjomemo R, Eshete B, et al. NAVEX: Precise and scalable exploit generation for dynamic web applications[C]//Proc of the 27th USENIX Security Symp. Berkeley, CA: USENIX Association, 2018: 377−392
[46]	Heelan S, Melham T, Kroening D. Automatic heap layout manipulation for exploitation[C]//Proc of the 27th USENIX Security Symp. Berkeley, CA: USENIX Association, 2018: 763−779
[47]	Garmany B, Stoffel M, Gawlik R, et al. Towards automated generation of exploitation primitives for web browsers[C]//Proc of the 34th Annual Computer Security Applications Conf. New York: ACM, 2018: 300−312
[48]	Ispoglou K K, AlBassam B, Jaeger T, et al. Block oriented programming: Automating data-only attacks[C]//Proc of the 2018 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2018: 1868−1882
[49]	Zhou Mingsong, Zeng Fanping, Zhang Yu, et al. Automatic generation of capability leaks’ exploits for Android applications[C]//Proc of the 2019 IEEE Int Conf on Software Testing, Verification and Validation Workshops (ICSTW). Piscataway, NJ: IEEE, 2019: 291−295
[50]	Huang Ning, Huang Shuguang, Chang Chao. Analysis to heap overflow exploit in Linux with symbolic execution[C]//Proc of the 2019 IOP Conf Series: Earth and Environmental Science. Bristol: IOP Publishing, 2019: 4−20
[51]	Jan S, Panichella A, Arcuri A, et al. Automatic generation of tests to exploit XML injection vulnerabilities in web applications[J]. IEEE Transactions on Software Engineering, 2017, 45(4): 335−362
[52]	方皓,吴礼发,吴志勇. 基于符号执行的 return-to-dl-resolve 利用代码自动生成方法[J]. 计算机科学,2019,46(2):127−132 doi: 10.11896/j.issn.1002-137X.2019.02.020 Fang Hao, Wu Lifa, Wu Zhiyong. A symbolic execution-based return-to-dl-resolve approach for automatic code generation using[J]. Computer Science, 2019, 46(2): 127−132 (in Chinese) doi: 10.11896/j.issn.1002-137X.2019.02.020
[53]	Chen Yueqi, Xing Xinyu. Slake: Facilitating slab manipulation for exploiting vulnerabilities in the Linux kernel[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 1707−1722
[54]	Wu Wei, Chen Yueqi, Xing Xinyu, et al. KEPLER: Facilitating control-flow hijacking primitive evaluation for Linux kernel vulnerabilities[C]//Proc of the 28th USENIX Security Symp. Berkeley, CA: USENIX Association, 2019: 1187−1204
[55]	Heelan S, Melham T, Kroening D. Gollum: Modular and greybox exploit generation for heap overflows in interpreters[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 1689−1706
[56]	Wei Yuan, Luo Senlin, Zhuge Jianwei, et al. ARG: Automatic ROP chains generation[J]. IEEE Access, 2019, 7: 120152−120163 doi: 10.1109/ACCESS.2019.2937585
[57]	Moscovich N, Bitton R, Mallah Y, et al. Autosploit: A fully automated framework for evaluating the exploitability of security vulnerabilities[J]. arXiv preprint, arXiv: 2007.00059, 2020
[58]	Schwartz E J, Cohen C F, Gennari J S, et al. A generic technique for automatically finding defense-aware code reuse attacks[C]//Proc of the 2020 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2020: 1789−1801
[59]	Chen Weiteng, Zou Xiaochen, Li Guoren, et al. KOOBE: Towards facilitating exploit generation of kernel out-of-bounds write vulnerabilities[C]//Proc of the 29th USENIX Security Symp. Berkeley, CA: USENIX Association, 2020: 1093−1110
[60]	Chae S, Jin Hongjoo, Park M C, et al. HS-Pilot: Heap security evaluation tool model based on atomic heap interaction[J]. IEEE Access, 2020, 8: 201914−201924 doi: 10.1109/ACCESS.2020.3036118
[61]	Zhao Zixuan, Wang Yan, Gong Xiaorui. HAEPG: An automatic multi-hop exploitation generation framework[C]//Proc the 17th Int Conf on Detection of Intrusions and Malware, and Vulnerability Assessment. Berlin: Springer, 2020: 89−109
[62]	Yilmaz F, Sridhar M, Choi W. Guide me to exploit: Assisted ROP exploit generation for actionscript virtual machine[C]//Proc of the 2020 Annual Computer Security Applications Conf. New York: ACM, 2020: 386−400
[63]	Yun I, Kapil D, Kim T. Automatic techniques to systematically discover new heap exploitation primitives[C]//Proc of the 29th USENIX Security Symp. Berkeley, CA: USENIX Association, 2020: 1111−1128
[64]	Blazytko T, Schlögel M, Aschermann C, et al. AURORA: Statistical crash analysis for automated root cause explanation[C]//Proc of the 29th USENIX Security Symp. Berkeley, CA: USENIX Association, 2020: 235−252
[65]	Deng Fenglei, Wang Jian, Zhang Bin, et al. A pattern-based software testing framework for exploitability evaluation of metadata corruption vulnerabilities[J]. Scientific Programming, 2020, 5(10): 1−21
[66]	Lee Y, Min C, Lee B. EXPRACE: Exploiting kernel races through raising interrupts[C]//Proc of the 30th USENIX Security Symp. Berkeley, CA: USENIX Association, 2021: 2363−2380
[67]	马湘宁,张兆庆,冯晓兵,等. 二进制翻译中的过程恢复技术[J]. 计算机工程与应用,2002,38(19):1−5 doi: 10.3321/j.issn:1002-8331.2002.19.001 Ma Xiangning, Zhang Zhaoqing, Feng Xiaobing, et al. Process recovery techniques in binary translation[J]. Computer Engineering and Applications, 2002, 38(19): 1−5 (in Chinese) doi: 10.3321/j.issn:1002-8331.2002.19.001
[68]	付文,魏博,张天雷,等. 过程恢复技术在IA64二进制翻译中的应用与实现[J]. 计算机工程与应用,2006,42(21):81−83 Fu Wen, Wei Bo, Zhang Tianlei, et al. Application and implementation of process recovery techniques in IA64 binary translation[J]. Computer Engineering and Applications, 2006, 42(21): 81−83 (in Chinese)
[69]	方霞,尹青,蒋烈辉,等. 基于数据流分析的寄存器参数恢复方法[J]. 计算机工程,2009,35(22):62−64 Fang Xia, Yin Qing, Jiang Liehui, et al. A data flow analysis based register parameter recovery method[J]. Computer Engineering, 2009, 35(22): 62−64 (in Chinese)
[70]	Wang Ruipeng, Pan Zulie, Shi Fan, et al. AEMB: An automated exploit mitigation bypassing solution[J]. Applied Sciences, 2021, 11(20): 9727−9728 doi: 10.3390/app11209727
[71]	Ispoglou K K, Austin D, Mohan V, et al. FuzzGen: Automatic Fuzzer generation[C]//Proc of the 29th USENIX Conf on Security Symp. Berkeley, CA: USENIX Association, 2020: 2271−2287
[72]	Zhang Hangwei, Lu Kai, Zhou Xu, et al. SIoTFuzzer: Fuzzing Web interface in IoT firmware via stateful message generation[J]. Applied Sciences, 2021, 11(7): 3120−3121 doi: 10.3390/app11073120
[73]	Wang Yan, Zhang Chao, Zhao Zixuan, et al. MAZE: Towards automated heap feng shui[C]//Proc of the 2021 USENIX Security Symp. Berkeley, CA: USENIX Association, 2021: 1647−1664
[74]	Kang Xiyu, Debray S. A framework for automatic exploit generation for JIT compilers[C]//Proc of the 2021 Research on Offensive and Defensive Techniques in the Context of Man at the End (MATE) Attacks. New York: ACM, 2021: 11−19

[1]	Li Nan, Ding Yidong, Jiang Haoyu, Niu Jiafei, Yi Ping. Jailbreak Attack for Large Language Models: A Survey[J]. Journal of Computer Research and Development, 2024, 61(5): 1156-1181. DOI: 10.7544/issn1000-1239.202330962
[2]	Wang Mengru, Yao Yunzhi, Xi Zekun, Zhang Jintian, Wang Peng, Xu Ziwen, Zhang Ningyu. Safety Analysis of Large Model Content Generation Based on Knowledge Editing[J]. Journal of Computer Research and Development, 2024, 61(5): 1143-1155. DOI: 10.7544/issn1000-1239.202330965
[3]	Chen Xuanting, Ye Junjie, Zu Can, Xu Nuo, Gui Tao, Zhang Qi. Robustness of GPT Large Language Models on Natural Language Processing Tasks[J]. Journal of Computer Research and Development, 2024, 61(5): 1128-1142. DOI: 10.7544/issn1000-1239.202330801
[4]	Chen Huimin, Liu Zhiyuan, Sun Maosong. The Social Opportunities and Challenges in the Era of Large Language Models[J]. Journal of Computer Research and Development, 2024, 61(5): 1094-1103. DOI: 10.7544/issn1000-1239.202330700
[5]	Yang Yi, Li Ying, Chen Kai. Vulnerability Detection Methods Based on Natural Language Processing[J]. Journal of Computer Research and Development, 2022, 59(12): 2649-2666. DOI: 10.7544/issn1000-1239.20210627
[6]	Pan Xuan, Xu Sihan, Cai Xiangrui, Wen Yanlong, Yuan Xiaojie. Survey on Deep Learning Based Natural Language Interface to Database[J]. Journal of Computer Research and Development, 2021, 58(9): 1925-1950. DOI: 10.7544/issn1000-1239.2021.20200209
[7]	Zheng Haibin, Chen Jinyin, Zhang Yan, Zhang Xuhong, Ge Chunpeng, Liu Zhe, Ouyang Yike, Ji Shouling. Survey of Adversarial Attack, Defense and Robustness Analysis for Natural Language Processing[J]. Journal of Computer Research and Development, 2021, 58(8): 1727-1750. DOI: 10.7544/issn1000-1239.2021.20210304
[8]	Pan Xudong, Zhang Mi, Yan Yifan, Lu Yifan, Yang Min. Evaluating Privacy Risks of Deep Learning Based General-Purpose Language Models[J]. Journal of Computer Research and Development, 2021, 58(5): 1092-1105. DOI: 10.7544/issn1000-1239.2021.20200908
[9]	Bao Yang, Yang Zhibin, Yang Yongqiang, Xie Jian, Zhou Yong, Yue Tao, Huang Zhiqiu, Guo Peng. An Automated Approach to Generate SysML Models from Restricted Natural Language Requirements in Chinese[J]. Journal of Computer Research and Development, 2021, 58(4): 706-730. DOI: 10.7544/issn1000-1239.2021.20200757
[10]	Che Haiyan, Feng Tie, Zhang Jiachen, Chen Wei, and Li Dali. Automatic Knowledge Extraction from Chinese Natural Language Documents[J]. Journal of Computer Research and Development, 2013, 50(4): 834-842.

Cited By

Cited by

Periodical cited type(66)

1.	袁良志，海佳丽，汪润，邓文萍，肖勇，常凯. 知识图谱驱动的中医药标准数字化探索与实践. 中医药导报. 2025(01): 225-230 .
2.	范定容，王倩倩，沈奥，彭露. 从ChatGPT到Sora：人工智能在医学教育中的应用潜力与挑战. 中国医学教育技术. 2025(01): 33-40 .
3.	刘园园，王银刚. ChatGPT影响大学生判断能力：双向机理与对策. 湖北成人教育学院学报. 2025(01): 29-34 .
4.	魏昱，刘卫. 人工智能生成内容在服装设计中的应用现状. 毛纺科技. 2025(01): 134-142 .
5.	李冰，鲜勇，雷刚，苏娟. ChatGPT架构下课程智能教学助手建设探讨. 教育教学论坛. 2025(03): 45-48 .
6.	梁炜，许振宇. 大语言模型赋能舆情治理现代化：价值、风险与路径. 中国应急管理科学. 2025(01): 93-103 .
7.	刘邦奇，聂小林，王士进，袁婷婷，朱洪军，赵子琪，朱广袤. 生成式人工智能与未来教育形态重塑：技术框架、能力特征及应用趋势. 电化教育研究. 2024(01): 13-20 .
8.	秦涛，杜尚恒，常元元，王晨旭. ChatGPT的工作原理、关键技术及未来发展趋势. 西安交通大学学报. 2024(01): 1-12 .
9.	张小朝. AIGC在商旅行业中的应用探索. 广东通信技术. 2024(01): 75-79 .
10.	廉霄兴，宋勇，朱军，王淑玲，叶晓舟，欧阳晔. 基于双通道理论的通信认知增强技术研究. 电信科学. 2024(01): 123-135 .
11.	杨永恒. 人工智能时代社会科学研究的“变”与“不变”. 人民论坛·学术前沿. 2024(04): 96-105 .
12.	刘英祥，张琳. 生成式人工智能技术在海事管理工作中的应用探索. 航海. 2024(02): 62-64 .
13.	吕静，何平，王永芬，冉朝霞，曹钦兴，古文帆，彭敏，田敏. ChatGPT在医学领域研究态势的文献计量学分析. 医学与哲学. 2024(07): 30-35 .
14.	王益君，董韵美. 公众对人工智能的认知与情感态度——以ChatGPT为例. 知识管理论坛. 2024(01): 16-29 .
15.	陈雷. ChatGPT在公安院校教育教学中的应用及影响. 太原城市职业技术学院学报. 2024(02): 85-88 .
16.	尤冲，李彦兵. 基于ChatGPT大语言模型应用的公共体育服务智能化:指征、风险及其规制. 南京体育学院学报. 2024(02): 1-12 .
17.	杨胜钦. 从ChatGPT看AI对电信网络诈骗犯罪治理的影响. 犯罪与改造研究. 2024(05): 26-33 .
18.	王春英，姚亚妮，滕白莹. 生成式人工智能嵌入敏捷政府建设：影响、风险与应对. 北京行政学院学报. 2024(03): 73-83 .
19.	王雯，李永智. 国际生成式人工智能教育应用与省思. 开放教育研究. 2024(03): 37-44 .
20.	张智义. 体认语言学视阈下ChatGPT语言生成及性能研究. 外语研究. 2024(03): 20-25+43+112 .
21.	余淑珍，单俊豪，闫寒冰. 情感计算赋能个性化教学：逻辑框架、问题解构与多元重塑. 现代远距离教育. 2024(02): 53-61 .
22.	高尚. 大语言模型与中台：共融还是替代？. 科技与金融. 2024(05): 59-62 .
23.	郭亚军，马慧芳，张鑫迪，冯思倩. ChatGPT赋能图书馆知识服务：原理、场景与进路. 图书馆建设. 2024(03): 60-68 .
24.	高雪松，黄蕴华，王斌. 基于专利数据的生成式人工智能技术栈创新态势研究. 东北财经大学学报. 2024(04): 53-61 .
25.	张渊. ChatGPT文本的生成机制与文本特性分析. 重庆文理学院学报(社会科学版). 2024(04): 105-114 .
26.	罗仕鉴，于慧伶，易珮琦. 数智时代工业设计知识生产新范式. 机械设计. 2024(08): 6-10 .
27.	徐炳文. 基于ChatGPT的人工智能交互技术工业物联网平台研究. 工业控制计算机. 2024(08): 132-134 .
28.	Deyi Li，Jialun Yin，Tianlei Zhang，Wei Han，Hong Bao. The Four Most Basic Elements In Machine Cognition. Data Intelligence. 2024(02): 297-319 .
29.	黄语，刘海洋，常海军，杨远松. 基于ChatGPT工作模式的AI工具在BIM技术中的潜在应用与实现途径. 科技创新与应用. 2024(26): 181-184+188 .
30.	李琳娜，丁楷，韩红旗，王力，李艾丹. 基于知识图谱的中文科技文献问答系统构建研究. 中国科技资源导刊. 2024(04): 51-62 .
31.	裴炳森，李欣，蒋章涛，刘明帅. 基于大语言模型的公安专业小样本知识抽取方法研究. 计算机科学与探索. 2024(10): 2630-2642 .
32.	李克寒，余丽媛，邵企能，蒋可，乌丹旦. 大语言模型在口腔住院医师规范化培训中的应用构想. 中国卫生产业. 2024(07): 155-158 .
33.	钟厚涛. 生成式人工智能给翻译实践带来的机遇与挑战. 北京翻译. 2024(00): 238-250 .
34.	张夏恒，马妍. AIGC在应急情报服务中的应用研究. 图书馆工作与研究. 2024(11): 60-67 .
35.	崔金满，李冬梅，田萱，孟湘皓，杨宇，崔晓晖. 提示学习研究综述. 计算机工程与应用. 2024(23): 1-27 .
36.	周代数，魏杉汀. 人工智能驱动的科学研究第五范式：演进、机制与影响. 中国科技论坛. 2024(12): 97-107 .
37.	钱力，张智雄，伍大勇，常志军，于倩倩，胡懋地，刘熠. 科技文献大模型:方法、框架与应用. 中国图书馆学报. 2024(06): 45-58 .
38.	潘崇佩，廖康启，孔勇发. 生成式人工智能背景下的近代物理实验教学改革. 实验室研究与探索. 2024(12): 117-122 .
39.	李德毅，刘玉超，殷嘉伦. 认知机器如何创造. 中国基础科学. 2024(06): 1-11 .
40.	李德毅，张天雷，韩威，海丹，鲍泓，高洪波. 认知机器的结构和激活. 智能系统学报. 2024(06): 1604-1613 .
41.	蔡昌，庞思诚. ChatGPT的智能性及其在财税领域的应用. 商业会计. 2023(09): 41-46 .
42.	于书娟，卢小雪，赵磊磊. 教育人工智能变革的基本逻辑与发展进路. 当代教育科学. 2023(05): 40-49 .
43.	曹克亮. ChatGPT：意识形态家的机器学转向及后果. 统一战线学研究. 2023(04): 134-144 .
44.	宋恺，屈蕾蕾，杨萌科. 生成式人工智能的治理策略研究. 信息通信技术与政策. 2023(07): 83-88 .
45.	陈凌云，姚宽达，王茜，方安，李刚. ChatGPT:研究进展、模型创新及医学信息研究应用场景优化. 医学信息学杂志. 2023(07): 18-23+29 .
46.	彭强，李羿卫. 自然用户界面在智能家居系统中的应用路径创新研究：生成式人工智能技术的调节作用. 包装工程. 2023(16): 454-463 .
47.	杨军农，王少波. 类ChatGPT技术嵌入政务服务网的应用场景、风险隐患与实施建议. 信息与电脑(理论版). 2023(10): 183-186 .
48.	政光景，吕鹏. 生成式人工智能与哲学社会科学新范式的涌现. 江海学刊. 2023(04): 132-142+256 .
49.	吴梦妮. 社交媒体传播视域下玩具企业应用AI技术实施营销的实践路径. 玩具世界. 2023(04): 144-146 .
50.	李德毅，殷嘉伦，张天雷，韩威，鲍泓. 机器认知四要素说. 中国基础科学. 2023(03): 1-10+22 .
51.	王洁. ChatGPT对知识服务的五大变革. 图书馆. 2023(09): 10-16 .
52.	刘乃嘉. 基于ChatGPT的矿山工程风险评估预警系统实现探讨. 企业科技与发展. 2023(08): 44-47 .
53.	裴炳森，李欣，吴越. 基于ChatGPT的电信诈骗案件类型影响力评估. 计算机科学与探索. 2023(10): 2413-2425 .
54.	张新新，丁靖佳. 生成式智能出版的技术原理与流程革新. 图书情报知识. 2023(05): 68-76 .
55.	张新新，黄如花. 生成式智能出版的应用场景、风险挑战与调治路径. 图书情报知识. 2023(05): 77-86+27 .
56.	陈靖. ChatGPT的类人想象与安全风险分析. 网络空间安全. 2023(04): 8-12 .
57.	李佩芳，陈佳丽，宁宁，王立群，张涵旎. ChatGPT在医学领域的应用进展及思考. 华西医学. 2023(10): 1456-1460 .
58.	朱敏锐，郜云帆，黄勇. 以新时代优良学风涵养新时代外语人才. 北京教育(高教). 2023(11): 35-37 .
59.	丁红菊. 消解与重构：人工智能技术对新闻业的影响——基于对ChatGPT的研究. 运城学院学报. 2023(05): 57-62 .
60.	李钥，淮盼盼，杨辉. ChatGPT在护理教育中的应用状况及优劣分析. 护理学杂志. 2023(21): 117-121 .
61.	张绍龙. 基于ChatGPT的人工智能技术应用. 集成电路应用. 2023(11): 200-201 .
62.	崔克克，孙冲，李辉，赵凌飞. 浅谈水泥企业数字化转型发展. 中国水泥. 2023(12): 28-33 .
63.	单琳，王文娟，刘舒萌. ChatGPT在医学分子生物学教学中的应用. 基础医学教育. 2023(12): 1084-1086 .
64.	李德毅，刘玉超，任璐. 人工智能看智慧. 科学与社会. 2023(04): 131-149 .
65.	付翔，魏晓伟，张浩，徐宁. 数字安全角度下审视和剖析ChatGPT. 航空兵器. 2023(06): 117-122 .
66.	黄婷，刘力凯. 基于大模型的数智化语言教学探索与应用. 连云港职业技术学院学报. 2023(04): 73-79 .