模糊测试下软件安全漏洞发掘技术分析

模糊测试在近几年的应用范围越来越广了,模糊测试用于测试软件存在的安全漏洞,例如该项技术在客户端应用程序microsoft中word软件的测试等等。模糊技术的应用产生了许多新的应用程序,使程序的应用安全功能更完善。本文将论述模糊测试下软件安全漏洞发掘技术分析。     

软件安全测试新武器——浅谈基于Dynamic Taint Propagation的测试技术

软件安全测试是保证软件能够安全使用的最主要的手段，如何进行高效的安全测试成为业界关注的话题。多年的安全测试经验告诉我们，做好软件安全测试的必要条件是：一是充分了解软件安全漏洞，二是拥有高效的软件安全测试技术和测试工具。     

软件安全测试新武器--浅谈基于Dynamic Taint Propagation的测试技术

软件安全测试是保证软件能够安全使用的最主要的手段,如何进行高效的安全测试成为业界关注的话题。多年的安全测试经验告诉我们,做好软件安全测试的必要条件是：一是充分了解软件安全漏洞,二是拥有高效的软件安全测试技术和测试工具。     

论软件安全漏洞挖掘技术

软件安全漏洞测试技术属于信息安全领域中一个非常重要的内容,本文对其概念进行了分析,并在此基础上探讨了当前的软件安全漏洞挖掘技术以及其流程,最终总结了其发展方向,希望给我们的工作起到一定的指导和促进作用。     

模糊测试技术研究综述

软件中的安全漏洞可能导致非常严重的后果,因此漏洞挖掘已成为网络与信息安全领域的重大课题和研究热点。目前常用的漏洞挖掘技术包括静态分析、动态分析、二进制比对、模糊测试等。随着软件的规模和复杂度不断增大,模糊测试具有其它漏洞挖掘技术无法比拟的优势。首先介绍和分析了各种漏洞挖掘技术的优点和缺点;然后分别详细描述了模糊测试的研究进展、模糊测试的过程、测试用例的生成技术;最后介绍了模糊测试在各个领域的应用,并对其发展方向进行了展望。     

软件安全漏洞的静态检测技术

软件安全漏洞问题日益严重,静态漏洞检测提供从软件结构和代码中寻找漏洞的方法。该文研究软件漏洞静态检测的两个主要方面：静态分析和程序验证,重点分析词法分析、规则检查、类型推导、模型检测、定理证明和符号执行等方法,将常用的静态检测工具按方法归类,讨论、总结静态检测技术的优势、适用性和发展趋势。     

软件安全漏洞检测技术

软件安全漏洞检测技术是提高软件质量和安全性、减少软件安全漏洞的重要方法和基本手段,受到学术界和工业界的广泛关注和高度重视.其主要途径包括软件测试、程序分析、模型检验与符号执行等.近年来,综合利用多种研究方法和技术手段来检测软件安全漏洞已成为软件安全领域的研究热点.文中首先回顾了程序分析与软件安全漏洞检测的基本概念、核心问题和传统手段.然后重点介绍该领域的最新进展,主要包括轻量级动态符号执行、自动化白盒模糊测试以及其实现技术和相应的工具.最后,指出了其所面临的挑战和发展趋势.     

模糊数据发掘的研究

本文将模糊理论应用于数据发掘，提出模糊数据发掘（FuzzyDataMining，FDM），采用模糊聚类分析的方法，从数据仓库中发掘普通方法难以发现的隐藏模式，进行模糊预测。并举例说明FDM方法的主要实现过程。本文对各类数据仓库的灵敏数据发掘具有普遍意义。     

一种基于fuzzing技术的漏洞发掘新思路*

目前检测软件缓冲区溢出漏洞仅局限于手工分析、二进制补丁比较及fuzzing技术等,这些技术要么对人工分析依赖程度高,要么盲目性太大,致使漏洞发掘效率极为低下。结合fuzzing技术、数据流动态分析技术以及异常自动分析技术等,提出一种新的缓冲区溢出漏洞发掘思路。新思路克服了已有缓冲区溢出漏洞发掘技术的缺点,能有效发掘网络服务器软件中潜在的未知安全漏洞（0day）,提高了缓冲区溢出漏洞发掘效率和自动化程度。     

基于规范生成的文件模糊测试

为了解决传统文件模糊测试效率不高与功能遗漏的缺点,提出一种新的文件模糊测试算法.基于文件的规范,抽象地描述了文件推导规则,定义了文件模糊测试模板,设计了文件模糊变异模型.在规范描述下生成不同类型文件,然后对每类文件进行变异模糊测试,有效地减少了大量无效测试.实际测试中,已经验证3个已公开漏洞并发现两个未公开漏洞,表明了该算法的有效性.     

计算机网络安全漏洞及解决措施分析

随着高科技信息技术的普遍推广和运用,人们的生活方式变得越来越方便和快捷,计算机网络的迅速发展使得我国社会生产力不断创新,对于推动我国社会主义现代化建设具有重要现实意义。在现代化建设中,计算机网络技术的广泛应用,使人们的沟通和联系方式变得更加智能化和自动化,大大提高了现代办公效率,对于促进我国经济快速发展起着重要推动作用。本文就计算机网络常见安全漏洞进行分析,提出相应的解决措施,以提高计算机网络运行的安全性,促进我国计算机网络技术水平不断提升。     

系统漏洞挖掘技术探讨

进入新世纪以来,我国科学技术得到较快的发展,其中互联网网络技术作为现阶段较为普遍的技术之一,给人们的日常生活带来较大的变化,在很多方面方便了人们的日常生活.但是随着各种网络技术的发展,其中表现出的漏洞也逐步增多,系统漏洞作为现阶段漏洞的主要部分,全面实现系统漏洞的挖掘对于保护整个互联网的安全有着非常重要的意义.本文中笔者结合自身多年系统漏洞挖掘经验,简要分析了系统漏洞的挖掘技术.供各位网络安全维护人员参考,以共同提高我国网络攻防技术的能力水平.     

On the security of open source software

Abstract With the rising popularity of so‐called ‘open source’ software there has been increasing interest in both its various benefits and disadvantages. In particular, despite its prominent use in providing many aspects of the Internet's basic infrastructure, many still question the suitability of such software for the commerce‐oriented Internet of the future. This paper evaluates the suitability of open source software with respect to one of the key attributes that tomorrow's Internet will require, namely security. It seeks to present a variety of arguments that have been made, both for and against open source security and analyses in relation to empirical evidence of system security from a previous study. The results represent preliminary quantitative evidence concerning the security issues surrounding the use and development of open source software, in particular relative to traditional proprietary software.     

Software Operational Profile Based Test Case Allocation Using Fuzzy Logic

Software operational profile (SOP) is used in software reliability prediction,software quality assessment,performance analysis of software,test case allocation,determination of"when to stop testing,"etc.Due to the limited data resources and large efforts required to collect and convert the gathered data into point estimates,reluctance is observed by the software professionals to develop the SOP.A framework is proposed to develop SOP using fuzzy logic,which requires usage data in the form of linguistics.The resulting profile is named fuzzy software operational profile (FSOP).Based on this work,this paper proposes a generalized approach for the allocation of test cases,in which occurrence probability of operations obtained from FSOP are combined with the criticality of the operations using fuzzy inference system (FIS).Traditional methods for the allocation of test cases do not consider the application in which software operates.This is intuitively incorrect.To solve this problem,allocation of test cases with respect to software application using the FIS model is also proposed in this paper.     

基于模糊聚类的电力供应链安全风险监测研究

在电力供应链安全风险监测中,针对传统方法下的电力供应链稳定性较低的问题,提出一种基于模糊聚类的电力供应链安全风险监测方法,利用模糊聚类算法对电力供应链中存在的不良数据进行辨识,利用不良数据并结合电力供应链的自身特点,建立基于不良数据的电力供应链安全风险识别模型对电力供应链进行安全风险识别,对安全风险识别数据进行归一化处理与分类处理,实现电力供应链的安全风险监测。为了验证该方法下的电力供应链稳定性,与传统方法进行对比实验,得出结果为该方法与基于决策树规则提取的电力供应链安全风险监测方法、基于稳定特征向量的电力供应链安全风险监测方法、基于Relief算法的电力供应链安全风险监测方法下的电力供应链稳定性分别为86.2%、72.2%、63.3%、42.6%,通过比较可知,该方法能够使电力供应链保持较高的稳定性。     

基于改进DS理论的双重模糊信息安全评估

针对信息安全评估的模糊性,考虑之前算法的单一方面模糊问题,分析信息安全系统不同时间段内的表现,提出一种基于改进DS理论的双重模糊信息安全评估算法。不仅利用三角模糊数方法把专家观点进行聚合,还用改进的DS理论充分体现出不同时间段内系统的表现会造成的对专家评价结果的影响,根据风险计算公式,最终得到威胁严重程度排序。与单一决策算法相比,综合考虑了信息安全系统的不确定性和主观人为的不确定性,避免了单一时间段内的笼统决定,通过实验,验证了该方法的必需性及有效性。     

基于改进三角模糊数的网络安全风险评估方法*

采用改进的德尔菲法对网络安全指标进行选取,在评价指标权重确定上,针对传统的AHP（层次分析法）权重确定方法的缺点,提出了改进的三角模糊数评价IFAHP方法。最后,设计并实现了一个网络安全评价原型系统,并采用二级模糊综合评价对网络系统的安全性进行了评估。实验结果表明,该方法能有效地解决AHP方法的主观随意性和一致性验证的问题,提高网络安全评价的客观性和有效性。     

A fuzzy logic based approach for phase-wise software defects prediction using software metrics

ContextThe software defect prediction during software development has recently attracted the attention of many researchers. The software defect density indicator prediction in each phase of software development life cycle (SDLC) is desirable for developing a reliable software product. Software defect prediction at the end of testing phase may not be more beneficial because the changes need to be performed in the previous phases of SDLC may require huge amount of money and effort to be spent in order to achieve target software quality. Therefore, phase-wise software defect density indicator prediction model is of great importance.ObjectiveIn this paper, a fuzzy logic based phase-wise software defect prediction model is proposed using the top most reliability relevant metrics of the each phase of the SDLC.MethodIn the proposed model, defect density indicator in requirement analysis, design, coding and testing phase is predicted using nine software metrics of these four phases. The defect density indicator metric predicted at the end of the each phase is also taken as an input to the next phase. Software metrics are assessed in linguistic terms and fuzzy inference system has been employed to develop the model.ResultsThe predictive accuracy of the proposed model is validated using twenty real software project data. Validation results are satisfactory. Measures based on the mean magnitude of relative error and balanced mean magnitude of relative error decrease significantly as the software project size increases.ConclusionIn this paper, a fuzzy logic based model is proposed for predicting software defect density indicator at each phase of the SDLC. The predicted defects of twenty different software projects are found very near to the actual defects detected during testing. The predicted defect density indicators are very helpful to analyze the defect severity in different artifacts of SDLC of a software project.     

软件安全缺陷发掘模型研究进展*

软件安全缺陷发掘模型在评估软件安全等级、预测软件剩余安全缺陷数量、确定为保证软件安全所需投入的资源等方面有着重要的意义。本文综述了软件安全缺陷发掘模型研究的进展状况,详细介绍了主要软件安全缺陷发掘模型的内容和原理,并对这些模型的特点和性能进行了比较和分析,最后提出了几个软件安全缺陷发掘模型研究领域需要进一步研究的问题。     

Improving software security with static automated code analysis in an industry setting

Software security can be improved by identifying and correcting vulnerabilities. In order to reduce the cost of rework, vulnerabilities should be detected as early and efficiently as possible. Static automated code analysis is an approach for early detection. So far, only few empirical studies have been conducted in an industrial context to evaluate static automated code analysis. A case study was conducted to evaluate static code analysis in industry focusing on defect detection capability, deployment, and usage of static automated code analysis with a focus on software security. We identified that the tool was capable of detecting memory related vulnerabilities, but few vulnerabilities of other types. The deployment of the tool played an important role in its success as an early vulnerability detector, but also the developers perception of the tools merit. Classifying the warnings from the tool was harder for the developers than to correct them. The correction of false positives in some cases created new vulnerabilities in previously safe code. With regard to defect detection ability, we conclude that static code analysis is able to identify vulnerabilities in different categories. In terms of deployment, we conclude that the tool should be integrated with bug reporting systems, and developers need to share the responsibility for classifying and reporting warnings. With regard to tool usage by developers, we propose to use multiple persons (at least two) in classifying a warning. The same goes for making the decision of how to act based on the warning. Copyright © 2012 John Wiley & Sons, Ltd.