缓冲区溢出漏洞挖掘和防护技术研究
发布时间:2018-11-12 10:18
【摘要】:软件安全漏洞已经成为网络安全的主要问题之一,,尤其是近几年来互联网针对软件漏洞发生的安全事件越来越严重,不管是在国家战略层面还是在社会安全层面,软件漏洞的检测和防护都处在极其重要的位置。 缓冲区溢出漏洞是软件的主要威胁之一,随着网络技术的快速发展,软件应用程序的开发和普及也越来越广泛,但是数量上的突飞猛进并没有带来与之相对应的安全层面的质量保证,导致缓冲区漏洞引发的安全事件日益增多。因此,如何有效的检测和防护缓冲区溢出漏洞一直以来都是安全领域的一个非常重要的课题。 本文在详细分析了缓冲区溢出攻击的原理和漏洞利用技术的基础上,针对二进制程序的漏洞挖掘问题,提出了一种基于遗传算法的Fuzzing漏洞检测技术,结合缓冲区溢出漏洞的特征,构造具有很好的完备性和较高覆盖率的测试用例,通过静态分析技术,智能的引导测试数据逻辑到二进制程序的脆弱语句部分,使其能够快速的命中缓冲区溢出漏洞。 基于漏洞挖掘的准确性和完备性,本文进一步提出一种基于AES加密算法的缓冲区溢出漏洞代码保护方案。对敏感数据区域进行加密是缓冲区溢出攻击防御技术的主要手段,但是受限于一般加密算法的复杂度和安全性的要求其效果并不理想,而AES加密算法具有更长的密钥可以明显提高系统的安全性,并且算法实现简单,迭代次数也可以得到较好的控制。依据该方案实验结果表明,在保护缓冲区安全区域AES加密算法具有更高的安全性和较低的系统开销。
[Abstract]:Software security vulnerabilities have become one of the main problems of network security, especially in recent years, the Internet security incidents against software vulnerabilities have become more and more serious, whether in the national strategic level or in the social security level. Software vulnerability detection and protection are in an extremely important position. Buffer overflow vulnerability is one of the main threats to software. With the rapid development of network technology, the development and popularization of software applications are becoming more and more widespread. However, the rapid increase in quantity does not bring the corresponding security quality assurance, which leads to the increasing number of security incidents caused by buffer zone vulnerabilities. Therefore, how to effectively detect and protect buffer overflow vulnerabilities has always been a very important issue in the field of security. Based on the detailed analysis of the principle of buffer overflow attack and vulnerability exploitation technology, this paper proposes a Fuzzing vulnerability detection technology based on genetic algorithm, aiming at the problem of vulnerability mining in binary programs. Combined with the characteristics of buffer overflow vulnerability, a test case with good completeness and high coverage is constructed. Through static analysis technology, the logic of test data can be guided intelligently to the fragile statement part of binary program. Enables it to quickly hit a buffer overflow vulnerability. Based on the accuracy and completeness of vulnerability mining, this paper proposes a buffer overflow code protection scheme based on AES encryption algorithm. Encryption of sensitive data regions is the main means of buffer overflow attack defense technology, but limited by the complexity and security requirements of general encryption algorithm, its effect is not satisfactory. AES encryption algorithm with longer key can obviously improve the security of the system, and the algorithm is simple to implement, and the number of iterations can be better controlled. The experimental results show that the AES encryption algorithm has higher security and lower system overhead.
【学位授予单位】:天津理工大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
[Abstract]:Software security vulnerabilities have become one of the main problems of network security, especially in recent years, the Internet security incidents against software vulnerabilities have become more and more serious, whether in the national strategic level or in the social security level. Software vulnerability detection and protection are in an extremely important position. Buffer overflow vulnerability is one of the main threats to software. With the rapid development of network technology, the development and popularization of software applications are becoming more and more widespread. However, the rapid increase in quantity does not bring the corresponding security quality assurance, which leads to the increasing number of security incidents caused by buffer zone vulnerabilities. Therefore, how to effectively detect and protect buffer overflow vulnerabilities has always been a very important issue in the field of security. Based on the detailed analysis of the principle of buffer overflow attack and vulnerability exploitation technology, this paper proposes a Fuzzing vulnerability detection technology based on genetic algorithm, aiming at the problem of vulnerability mining in binary programs. Combined with the characteristics of buffer overflow vulnerability, a test case with good completeness and high coverage is constructed. Through static analysis technology, the logic of test data can be guided intelligently to the fragile statement part of binary program. Enables it to quickly hit a buffer overflow vulnerability. Based on the accuracy and completeness of vulnerability mining, this paper proposes a buffer overflow code protection scheme based on AES encryption algorithm. Encryption of sensitive data regions is the main means of buffer overflow attack defense technology, but limited by the complexity and security requirements of general encryption algorithm, its effect is not satisfactory. AES encryption algorithm with longer key can obviously improve the security of the system, and the algorithm is simple to implement, and the number of iterations can be better controlled. The experimental results show that the AES encryption algorithm has higher security and lower system overhead.
【学位授予单位】:天津理工大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
【参考文献】
相关期刊论文 前8条
1 闵亨高;;网络攻击发展趋势[J];计算机安全;2013年01期
2 弟宇鸣;陈荣桦;左广霞;;基于AES算法的加密模块设计[J];电子设计工程;2013年02期
3 迟强;罗红;乔向东;;漏洞挖掘分析技术综述[J];计算机与信息技术;2009年Z2期
4 王先培,张爱菊,熊平,张俊;新一代数据加密标准——AES[J];计算机工程;2003年03期
5 夏建军;孙乐昌;刘京菊;张e
本文编号:2326824
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2326824.html
