發(fā)布時間：2018-08-04 16:30

【摘要】：網(wǎng)絡(luò)技術(shù)的快速發(fā)展一方面給人們的生活帶來了便利,另一方面也帶來了許多的安全問題,這些安全問題常常導(dǎo)致信息泄露等一系列嚴重后果。引起網(wǎng)絡(luò)安全問題的原因是多方面的,其中緩沖區(qū)溢出是一種非常普遍、非常危險的安全漏洞。編譯器GCC提供的安全編譯選項能有效的防范緩沖區(qū)溢出攻擊,減少網(wǎng)絡(luò)攻擊的可能性。因此有效的檢測可執(zhí)行文件所添加的安全編譯選項是十分有意義的。然而,現(xiàn)階段大多數(shù)工具都只能單一的檢測單一平臺的可執(zhí)行文件,無法做到大規(guī)模、跨平臺的檢測,并且無法直觀地顯示檢測結(jié)果,更不能進行安全等級評定。本課題首先研究GCC安全編譯選項的底層實現(xiàn)原理以及持續(xù)集成系統(tǒng)的基礎(chǔ)理論,然后依托某公司的持續(xù)集成系統(tǒng),設(shè)計一套安全編譯選項測評系統(tǒng)。該系統(tǒng)能夠?qū)Ω鱾�產(chǎn)品線上的軟件進行檢測,特別是能夠跨平臺的檢測不同操作系統(tǒng)下可執(zhí)行文件所添加的安全選項,并進行評級和打分。本系統(tǒng)自動化地判斷可執(zhí)行文件在編譯時相關(guān)選項是否添加成功,一方面省去了繁瑣的手動查詢工作,另一方面在節(jié)省了大量人力資源的同時確保了可執(zhí)行文件的安全性.本文主要圍繞安全編譯選項測評系統(tǒng)的實現(xiàn)過程展開,主要創(chuàng)新工作如下:(1)在原有檢測工具的基礎(chǔ)上添加了評級和打分功能,能在頁面上直觀的顯示檢測結(jié)果,方便使用者查看。(2)能一鍵檢測不同操作系統(tǒng)編譯生成的可執(zhí)行文件,使用者無需過多關(guān)注檢測環(huán)境,系統(tǒng)會自動檢測測試環(huán)境,并選擇相對應(yīng)的工具進行檢測,具有跨平臺性。(3)可以自動化的實現(xiàn)安全編譯選項的檢測工作,無需浪費大量的人力來進行反匯編代碼分析等工作。
[Abstract]:The rapid development of network technology has brought convenience to people's life on the one hand, on the other hand, it also brings a lot of security problems. These security problems often lead to a series of serious consequences such as information leakage. The cause of network security problems is multifaceted, in which the buffer overflow is a very common, very dangerous leakage. The security compiler options provided by the compiler GCC can effectively prevent buffer overflow attacks and reduce the possibility of network attacks. Therefore, it is very meaningful to detect the security compilation options added to the executable file effectively. However, most tools can only detect single platform executable files at the present stage, and can not do it. To the large-scale, cross platform detection, and can not display the detection results intuitively, can not carry on the security level evaluation. This topic first studies the underlying implementation principle of the GCC security compilation options and the basic theory of the continuous integrated system, and then relies on the continuous integrated system of a company to design a set of security compilation options evaluation system. The system can detect the software on each product line, especially to detect the security options added to the executable files under different operating systems across the platform, and evaluate and score the ratings. This system automatically judges whether the executable files have been added successfully at compile time. On the one hand, it saves the tedious manual query. The work, on the other hand, saves a lot of human resources and ensures the security of the executable files. This paper mainly focuses on the implementation of the security compilation options evaluation system. The main innovations are as follows: (1) adding the rating and scoring functions on the basis of the original detection tools, can display the results on the page intuitively. It is convenient for users to check. (2) the executable file can be detected by one key, and the user does not need to pay much attention to the detection environment. The system will automatically detect the test environment, and select the corresponding tools to detect and cross platform. (3) it is possible to automatically detect the security compilation options. The amount of manpower for disassembly code analysis and so on.
【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2017
【分類號】：TP393.08;TP314

【相似文獻】

相關(guān)期刊論文 前10條

1 ;量化考核測評系統(tǒng)[J];中國勞動;2000年10期

2 ;實用人力資源測評系統(tǒng)——借您一雙慧眼[J];通信企業(yè)管理;2002年07期

3 程載和,楊文s，

本文編號：2164451