發(fā)布時間：2018-05-26 01:29

  本文選題：漏洞檢測 + 靜態(tài)分析��； 參考：《華僑大學(xué)》2017年碩士論文

【摘要】：軟件漏洞會增加網(wǎng)絡(luò)安全事件,基于源碼的檢測在過去十年已經(jīng)引起安全研究人員的廣泛關(guān)注了,并在此基礎(chǔ)上實現(xiàn)了很多源碼漏洞檢測工具,檢測效果明顯。近幾年各種商業(yè)軟件頻繁地爆出漏洞,嚴(yán)重影響到企業(yè)的安全,因此第三方應(yīng)用程序的安全受到越來越多的重視。與高級語言漏洞檢測相比,二進(jìn)制代碼由于缺乏程序?qū)傩孕畔⑶覚C器碼指令相對高級語言更難以理解,因此對二進(jìn)制代碼的檢測要困難的多,目前國內(nèi)外關(guān)于這項研究還處于起步階段。在現(xiàn)有的二進(jìn)制代碼漏洞檢測方法中,動態(tài)檢測是在程序運行時進(jìn)行檢查,往往需要消耗大量CPU資源,自動化程度低。與動態(tài)檢測相比,靜態(tài)檢測不需要執(zhí)行程序,而是通過模擬程序執(zhí)行流程來遍歷代碼,可以檢測程序所有路徑,能夠在程序執(zhí)行前檢測漏洞,而且不用消耗大量CPU資源,自動化程度高。本文采用靜態(tài)分析方法,對現(xiàn)代處理器指令集的語義進(jìn)行分析。將二進(jìn)制代碼轉(zhuǎn)換成更易于理解和分析的中間表示語言,再應(yīng)用源碼分析技術(shù)檢測轉(zhuǎn)換后的中間表示語言,同時針對現(xiàn)有中間表示語言的不足,本文重新設(shè)計了一種易于分析的中間表示語言,并以此中間語言作為檢測目標(biāo),抽象解釋理論作為檢測方法,應(yīng)用抽象域分層的方法提高檢測精度,最終實現(xiàn)了二進(jìn)制代碼漏洞靜態(tài)檢測系統(tǒng)Binana。Binana可以檢測包括Windows、Linux以及ARM平臺的應(yīng)用程序或者核心組件漏洞,目前已經(jīng)驗證了大量的已知漏洞并且還發(fā)現(xiàn)了1個0day漏洞。此外,本文還以Binana作為輔助分析工具,靜態(tài)分析較大規(guī)模的應(yīng)用軟件,并在此基礎(chǔ)上檢測較大規(guī)模程序的漏洞。本文最后通過對不同類型的RTF文檔漏洞進(jìn)行檢測,并與現(xiàn)有方法和工具進(jìn)行對比,驗證系統(tǒng)的有效性和實用性。
[Abstract]:Software vulnerability will increase network security incidents. The detection based on source code has attracted the attention of security researchers in the past ten years. On this basis, a lot of source code vulnerability detection tools have been implemented, and the detection effect is obvious. In recent years, a variety of commercial software frequently explodes vulnerabilities, which seriously affect the security of enterprises, so the security of third-party applications has been paid more and more attention. Compared with high-level language vulnerability detection, binary code is much more difficult to detect because it lacks program attribute information and machine code instructions are more difficult to understand than high-level language. At present, this research is still in its infancy at home and abroad. In the existing binary code vulnerability detection methods, dynamic detection is to check while the program is running. It often consumes a lot of CPU resources, and the degree of automation is low. Compared with dynamic detection, static detection does not need to execute the program, but traverses the code by simulating the program execution flow. It can detect all paths of the program, detect the vulnerability before the program executes, and do not consume a lot of CPU resources. High degree of automation. This paper uses static analysis method to analyze the semantics of instruction set of modern processor. The binary code is converted into an intermediate representation language that is easier to understand and analyze, and the source code analysis technology is applied to detect the converted intermediate representation language. At the same time, the deficiency of the existing intermediate representation language is pointed out. In this paper, a new intermediate representation language is redesigned, which is easy to analyze. The intermediate language is used as the detection target, the abstract interpretation theory is used as the detection method, and the detection accuracy is improved by using the method of abstract domain stratification. Finally the binary code vulnerability static detection system Binana.Binana can detect applications or core component vulnerabilities including Windows Linux and ARM platform. At present a large number of known vulnerabilities have been verified and a 0day vulnerability has been discovered. In addition, this paper uses Binana as the assistant analysis tool to analyze the large scale application software statically, and on this basis, detects the flaw of the larger scale program. Finally, by detecting different types of RTF document vulnerabilities and comparing them with existing methods and tools, this paper verifies the effectiveness and practicability of the system.
【學(xué)位授予單位】：華僑大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2017
【分類號】：TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 樂德廣;章亮;龔聲蓉;鄭力新;吳少剛;;面向RTF的OLE對象漏洞分析研究.[J];網(wǎng)絡(luò)與信息安全學(xué)報;2016年01期

2 樂德廣;章亮;鄭力新;李鑫;陳經(jīng)途;;面向RTF文件的Word漏洞分析[J];華僑大學(xué)學(xué)報(自然科學(xué)版);2015年01期

3 王明華;應(yīng)凌云;馮登國;;基于異�？刂屏髯R別的漏洞利用攻擊檢測方法[J];通信學(xué)報;2014年09期

4 施明輝;江敏;晁飛;周昌樂;;一種改進(jìn)的不動點存在唯一性定理[J];廈門大學(xué)學(xué)報(自然科學(xué)版);2014年03期

5 史飛悅;傅德勝;;緩沖區(qū)溢出漏洞挖掘分析及利用的研究[J];計算機科學(xué);2013年11期

6 吳世忠;郭濤;董國偉;王嘉捷;;軟件漏洞分析技術(shù)進(jìn)展[J];清華大學(xué)學(xué)報(自然科學(xué)版);2012年10期

7 王雅文;姚欣洪;宮云戰(zhàn);楊朝紅;;一種基于代碼靜態(tài)分析的緩沖區(qū)溢出檢測算法[J];計算機研究與發(fā)展;2012年04期

8 唐和平;吳志勇;黃曙光;李永成;;基于數(shù)據(jù)流分析的二進(jìn)制代碼程序理解方法[J];計算機工程;2010年17期

9 唐彰國;鐘明全;李煥洲;張健;;基于Fuzzing的文件格式漏洞挖掘技術(shù)[J];計算機工程;2010年16期

10 文偉平;吳興麗;蔣建春;;軟件安全漏洞挖掘的研究思路及發(fā)展趨勢[J];信息網(wǎng)絡(luò)安全;2009年10期

相關(guān)碩士學(xué)位論文 前1條

1 邱景;二進(jìn)制環(huán)境下的緩沖區(qū)溢出漏洞動態(tài)檢測[D];哈爾濱理工大學(xué);2009年

，

本文編號：1935416