安全编译选项测评系统研究设计
发布时间:2018-08-04 16:30
【摘要】:网络技术的快速发展一方面给人们的生活带来了便利,另一方面也带来了许多的安全问题,这些安全问题常常导致信息泄露等一系列严重后果。引起网络安全问题的原因是多方面的,其中缓冲区溢出是一种非常普遍、非常危险的安全漏洞。编译器GCC提供的安全编译选项能有效的防范缓冲区溢出攻击,减少网络攻击的可能性。因此有效的检测可执行文件所添加的安全编译选项是十分有意义的。然而,现阶段大多数工具都只能单一的检测单一平台的可执行文件,无法做到大规模、跨平台的检测,并且无法直观地显示检测结果,更不能进行安全等级评定。本课题首先研究GCC安全编译选项的底层实现原理以及持续集成系统的基础理论,然后依托某公司的持续集成系统,设计一套安全编译选项测评系统。该系统能够对各个产品线上的软件进行检测,特别是能够跨平台的检测不同操作系统下可执行文件所添加的安全选项,并进行评级和打分。本系统自动化地判断可执行文件在编译时相关选项是否添加成功,一方面省去了繁琐的手动查询工作,另一方面在节省了大量人力资源的同时确保了可执行文件的安全性.本文主要围绕安全编译选项测评系统的实现过程展开,主要创新工作如下:(1)在原有检测工具的基础上添加了评级和打分功能,能在页面上直观的显示检测结果,方便使用者查看。(2)能一键检测不同操作系统编译生成的可执行文件,使用者无需过多关注检测环境,系统会自动检测测试环境,并选择相对应的工具进行检测,具有跨平台性。(3)可以自动化的实现安全编译选项的检测工作,无需浪费大量的人力来进行反汇编代码分析等工作。
[Abstract]:The rapid development of network technology has brought convenience to people's life on the one hand, on the other hand, it also brings a lot of security problems. These security problems often lead to a series of serious consequences such as information leakage. The cause of network security problems is multifaceted, in which the buffer overflow is a very common, very dangerous leakage. The security compiler options provided by the compiler GCC can effectively prevent buffer overflow attacks and reduce the possibility of network attacks. Therefore, it is very meaningful to detect the security compilation options added to the executable file effectively. However, most tools can only detect single platform executable files at the present stage, and can not do it. To the large-scale, cross platform detection, and can not display the detection results intuitively, can not carry on the security level evaluation. This topic first studies the underlying implementation principle of the GCC security compilation options and the basic theory of the continuous integrated system, and then relies on the continuous integrated system of a company to design a set of security compilation options evaluation system. The system can detect the software on each product line, especially to detect the security options added to the executable files under different operating systems across the platform, and evaluate and score the ratings. This system automatically judges whether the executable files have been added successfully at compile time. On the one hand, it saves the tedious manual query. The work, on the other hand, saves a lot of human resources and ensures the security of the executable files. This paper mainly focuses on the implementation of the security compilation options evaluation system. The main innovations are as follows: (1) adding the rating and scoring functions on the basis of the original detection tools, can display the results on the page intuitively. It is convenient for users to check. (2) the executable file can be detected by one key, and the user does not need to pay much attention to the detection environment. The system will automatically detect the test environment, and select the corresponding tools to detect and cross platform. (3) it is possible to automatically detect the security compilation options. The amount of manpower for disassembly code analysis and so on.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP393.08;TP314
[Abstract]:The rapid development of network technology has brought convenience to people's life on the one hand, on the other hand, it also brings a lot of security problems. These security problems often lead to a series of serious consequences such as information leakage. The cause of network security problems is multifaceted, in which the buffer overflow is a very common, very dangerous leakage. The security compiler options provided by the compiler GCC can effectively prevent buffer overflow attacks and reduce the possibility of network attacks. Therefore, it is very meaningful to detect the security compilation options added to the executable file effectively. However, most tools can only detect single platform executable files at the present stage, and can not do it. To the large-scale, cross platform detection, and can not display the detection results intuitively, can not carry on the security level evaluation. This topic first studies the underlying implementation principle of the GCC security compilation options and the basic theory of the continuous integrated system, and then relies on the continuous integrated system of a company to design a set of security compilation options evaluation system. The system can detect the software on each product line, especially to detect the security options added to the executable files under different operating systems across the platform, and evaluate and score the ratings. This system automatically judges whether the executable files have been added successfully at compile time. On the one hand, it saves the tedious manual query. The work, on the other hand, saves a lot of human resources and ensures the security of the executable files. This paper mainly focuses on the implementation of the security compilation options evaluation system. The main innovations are as follows: (1) adding the rating and scoring functions on the basis of the original detection tools, can display the results on the page intuitively. It is convenient for users to check. (2) the executable file can be detected by one key, and the user does not need to pay much attention to the detection environment. The system will automatically detect the test environment, and select the corresponding tools to detect and cross platform. (3) it is possible to automatically detect the security compilation options. The amount of manpower for disassembly code analysis and so on.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TP393.08;TP314
【相似文献】
相关期刊论文 前10条
1 ;量化考核测评系统[J];中国劳动;2000年10期
2 ;实用人力资源测评系统——借您一双慧眼[J];通信企业管理;2002年07期
3 程载和,杨文s,
本文编号:2164451
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2164451.html
