| 基于逆向工程的软件漏洞挖掘技术 |
| |
| 引用本文: | 徐良华,孙玉龙,高丰,朱鲁华.基于逆向工程的软件漏洞挖掘技术[J].微计算机信息,2006,22(24):259-261. |
| |
| 作者姓名: | 徐良华 孙玉龙 高丰 朱鲁华 |
| |
| 作者单位: | 1. 450002 河南 郑州 信息工程大学信息工程学院;214083 江苏 无锡 江南计算技术研究所
2. 214083 江苏 无锡 江南计算技术研究所 |
| |
| 摘 要: | 软件漏洞挖掘是网络攻防技术的重要组成部分。首先介绍了逆向工程技术的起源、作用和基于逆向工程的软件漏洞挖掘技术的研究路线;然后描述了四种基于逆向工程的软件漏洞挖掘技术的原理、特性、适用范围和优缺点;最后给出一个实例,示范如何基于逆向工程技术挖掘helpctr程序中存在的缓冲区溢出软件漏洞。
|
| 关 键 词: | 软件漏洞 逆向工程 白箱分析 黑箱分析 |
| 文章编号: | 1008-0570(2006)08-3-0259-03 |
| 修稿时间: | 2005年12月16 |
Research on Discovering Software Vulnerabilities Based on Reverse Engineering |
| |
| XuLianghua,Sun Yulong,Gao Feng,Zhu Luhua.Research on Discovering Software Vulnerabilities Based on Reverse Engineering[J].Control & Automation,2006,22(24):259-261. |
| |
| Authors: | XuLianghua Sun Yulong Gao Feng Zhu Luhua |
| |
| Abstract: | Discovering software vulnerability is an important part of network attack and defense technology. First, the origin and appli- ciation of reverse engineering and the methods of discovering software vulnerabilities based on reverse engineering are introduced; then, the rationale, characteristics, applicable field, merits and limits of 4 methodologies of discovering software vulnerabilitiy based on reverse engineering are discribed; Finally, a instance of how to discover buffer overflow software vulnerability in helpctr.exe based on reverse engineering is presented. |
| |
| Keywords: | software vulnerability reverse engineering white box analysis black box analysis |
| 本文献已被 CNKI 万方数据 等数据库收录! |
