
A software security vulnerability discovery method based on security patch comparison (cited by: 4)

Software security vulnerability exploitation method based on a security patch
Abstract (translated from the Chinese): Windows is currently the world's most widely used desktop operating system, and the consequences are serious once one of its vulnerabilities is exploited, so discovering vulnerabilities in Windows is of great significance. At present, the discovery of software security vulnerabilities relies mostly on the experience and luck of security researchers and lacks systematic, effective methodological guidance. To find a method that can quickly discover a class of Windows vulnerabilities, this paper starts from the way security patches repair vulnerabilities, analyses four patterns in which a vulnerability patch may introduce new security risks, proposes a software security vulnerability discovery method that uses security patch comparison as its reference, and gives a formal description of the method. The method provides a good solution to the problem of semi-automatically discovering Windows system vulnerabilities. Finally, the effectiveness of the method is verified with cases of previously unknown Windows vulnerabilities.

Abstract (English, as printed): Windows is the world's most widely used desktop operating system, so security vulnerabilities in Windows have an enormous impact on system security, and exploiting vulnerabilities in the Windows operating system has great significance. At present, the discovery of software security vulnerabilities depends mainly on the experience and luck of security researchers, since they lack systematic and effective methods to find vulnerabilities. To find a class of vulnerabilities more quickly, this paper focuses on patched vulnerabilities and on four types of security threat modes that patches introduce. The paper then describes a software security vulnerability exploitation method based on patch comparison. This method can be used to semi-automatically find Windows vulnerabilities from their patches. The method found unknown Windows operating system vulnerabilities, verifying its effectiveness.
Source: Journal of Tsinghua University (Science and Technology), 2011, No. 10, pp. 1264-1268 (5 pages). Indexed in EI, CAS, CSCD and the Peking University Core Journals list.
Funding: National Natural Science Foundation of China project (61170282)
Keywords (Chinese): vulnerability discovery; patch comparison; formal description. Keywords (English): vulnerability exploitation; vulnerability patches comparison; formal description
Author: Wen Weiping (1976-), male (Han), Beijing, associate professor. E-mail: weipingwen@ss.pku.edu.cn