RTF数组溢出漏洞挖掘技术研究

发布时间：2018-03-10 06:19

本文选题：RTF文件　切入点：漏洞挖掘　出处：《通信学报》2017年05期 　论文类型：期刊论文

【摘要】：在虚函数执行中,由于错误操作C++对象的虚函数表而引起数组溢出漏洞。通过攻击虚函数造成系统崩溃,甚至导致攻击者可直接控制程序执行,严重威胁用户安全。为尽早发现并修复此类安全漏洞,对该安全漏洞的挖掘技术进行深入研究,结合MS Word解析RTF文件和虚函数调用之间的联系,发现MS Word在解析异常的RTF文件时存在数组溢出漏洞,并进一步提出基于文件结构解析的Fuzzing测试方法来挖掘RTF数组溢出漏洞。在此基础上,设计了RTF数组溢出漏洞挖掘工具(RAVD,RTF array vulnerability detector)。通过RAVD对RTF文件进行测试,能够正确挖掘出数组溢出漏洞。实际的模糊测试表明,设计的工具相比传统的漏洞挖掘工具具有更高的挖掘效率。
[Abstract]:In the virtual function in the implementation of the wrong operation of the C++ object the virtual function table caused by overflow attacks. An array of virtual function causing the system to crash, or even cause the attacker can directly control program execution, a serious threat to the safety of users. As soon as possible to find and fix these vulnerabilities, a thorough study of the vulnerability mining technology, combined with the MS Word RTF file parsing and virtual function call connection, MS Word has an array of overflow in analysis of abnormal RTF file, and further puts forward the test method of Fuzzing document structure analysis based on mining RTF array overflow. On this basis, the design of RTF array overflow mining tools (RAVD, RTF array vulnerability detector). Through the RAVD files on the RTF test, to dig out the correct array overflow. Fuzzy testing results show that, compared with the design tool Traditional vulnerability mining tools have higher mining efficiency.

【作者单位】：常熟理工学院计算机科学与工程学院;苏州大学计算机科学与技术学院;中科梦兰电子科技有限公司;泉州市公安局公共信息网络安全监察支队;
【基金】：国家自然科学基金资助项目(No.61202440,No.61402057) 江苏省产学研前瞻性联合研究基金资助项目(No.BY2016050-01) 江苏省科技计划基金资助项目(No.BK20160411)~~
【分类号】：TP309

【相似文献】