共查询到20条相似文献,搜索用时 93 毫秒
1.
2.
介绍了条件接收(CA)的基本原理,包括条件接收的系统结构、机顶盒的CA功能等,提炼了CA的4个基本要素,并分析了CA的安全漏洞与常见破解方法.针对这些安全漏洞,各CA厂家提出了多种解决方法,重点讲述了这些方法的原理及其优缺点. 相似文献
3.
802.11WLAN安全漏洞分析和改进方案 总被引:2,自引:0,他引:2
分析了无线局域网802.11标准安全机制及其存在的安全漏洞,介绍了针对这些安全漏洞的常用攻击方法,并提出了确保无线局域网安全的改进方案。 相似文献
4.
5.
2006年伊始,Microsoft Windows便出现了严重的缺陷:WMF安全漏洞.我曾亲眼目睹了基于WMF安全漏洞的网络攻击. 相似文献
6.
7.
随着我国计算机技术的高速发展,目前我国已经普及了计算机的使用,在日常的工作生活中人们也越来越依赖于计算机。但是在计算机软件的使用中经常会出现一些安全漏洞,从而对使用者的财产安全以及个人隐私等产生威胁,严重影响了计算机的正常使用。因此对计算机软件的安全漏洞进行研究,让人们在日常的计算机使用中不会造成损失对于我国计算机技术很有帮助。文章通过分析计算机软件安全漏洞提出了对这些漏洞进行检测和修复的建议。 相似文献
8.
9.
在以调色板图像为载体的密写方法中,最佳奇偶分配(OPA)是一种失真小,因而隐蔽性较好的方法.本文首先指出OPA方法仍存在安全漏洞,因为经OPA密写的图像中存在一些特殊的颜色,这些颜色只能被修改为其它颜色,其它颜色却不能改为这些颜色,分析者可根据这些特殊颜色察觉秘密信息的存在.本文提出一种新的调色板图像密写方法,既保留了OPA失真小的优点,又不存在可被密写分析者利用的奇异颜色.另外,本文还考虑了调色板图像密写的另一个安全漏洞,即由调色板图像生成二值图像并检测其混乱程度可暴露其中是否含有密写信息.根据原始图像局部特性进行自适应嵌入可进一步提高系统的安全性,使这种基于二值图像的分析方法也不能奏效. 相似文献
10.
现如今,计算机技术已经成为现代社会发展的重要技术,其已被广泛地应用到各个领域,技术水平在不断革新,社会应用价值与经济价值在不断提升。对于计算机网络系统而言,网络安全问题变得异常重要,网络安全事故层出不穷,由于网络安全漏洞不断,信息被窥探、窃取等现象十分严重。为此,本文就计算机网络安全漏洞及防范策略进行了分析与探究。 相似文献
11.
Based on multiple-attribute-decision-making and taint tracking,a sensitive-information leakage awareness method was proposed,some relative known vulnerabilities in big data platform was analyzed,target database was extracted and extended,multiple attribute model was built combined with operation semantic,a grey-correlation-analysis and technique for order preference by similarity to an ideal solution based sensitivity measurement was designed in combination of regular operation semantic for sensitive information.A prototype was built based on taint tracking,sensitive-information leakage vulnerabilities could be verified and discovered across big data platforms in this method.The experiment shows that verification for known bugs and discovery for unknown vulnerabilities can be accomplished based on leakage scenarios,which can be regarded as a support for protection in dynamic sensitive information data flow. 相似文献
12.
宣以广 《信息安全与通信保密》2012,(1):80-83
Ajax可为Web应用提供丰富的事件和语义操作,正在成为互联网应用和企业信息系统开发的一种革命性技术。但是,如果对采用Ajax技术而导致Web应用体系结构的变化所引起的安全风险没有足够的重视,Ajax技术将可能使Web应用引入更多的内在安全风险。文中通过对Ajax技术原理的综述,分析了Ajax技术的安全隐患及其可能导致的各种安全漏洞,提出了Ajax应用的安全开发原则,最后讨论了支持Ajax应用安全评测的软件工具。 相似文献
13.
本文首先分析了移动应用的安全现状,提出了移动应用安全评估方法,包括客户端安全评估、服务器安全评估和业务流程安全评估,最后给出了移动应用典型安全漏洞及其检查方法与加固建议,包括敏感数据暴露、鉴权机制缺陷、代码保护不足、公共组件漏洞和应用配置错误。 相似文献
14.
论文首先研究了漏洞产生的原因,探索了系统、软件中漏洞频发的根源,通过对一些典型的蠕虫的研究,分析了蠕虫在漏洞利用方面的发展趋势.之后,探讨了常规的依靠补丁修补漏洞的安全机制,并通过示例说明"漏洞-补丁"的安全模式不能彻底解决因为漏洞而导致的安全问题.最后,文章指出了应对漏洞所引发的安全问题的方法. 相似文献
15.
为解决物联网漏洞数量规模巨大、分类方法欠缺问题,针对已有漏洞分类方法应用于物联网漏洞存在覆盖不完全、交叉重叠现象严重的现状,提出从物联网设备、同源跨平台漏洞以及漏洞的影响效果和漏洞利用复杂度3个维度对物联网漏洞进行科学分类的方法——VCECI。首先研究传统漏洞分类方法的特点和物联网产品研发固有特点,分析物联网漏洞分类不完善的原因。其次,对VCECI方法定量和定性相结合的分类过程进行深入论述。最后,结合实验分析该方法的应用效果。实验结果表明,VCECI方法对物联网漏洞具有较好的标识和去重能力,能够有效表示物联网漏洞的异构多样性特点。 相似文献
16.
17.
The large number of software and the enhancement of complexity have brought severe challenges to the research of software security vulnerabilities.The efficiency of manual research on security vulnerabilities is low and cannot meet the needs of cyberspace security.Therefore,how to apply artificial intelligence techniques such as machine learning and natural language processing to the study of security vulnerabilities has become a new hot spot.Artificial intelligence technology can intelligently process vulnerability information,which can assist in the research of security vulnerabilities and improve the efficiency of research on security vulnerabilities such as vulnerability mining.Firstly,the key technologies of automatic mining,automatic assessment,automatic exploitation and automatic repair of security vulnerabilities were analyzed,which pointed out that the automation of security vulnerability mining was the key of the application of artificial intelligence in the field of security vulnerability.Then,the latest research results of applying artificial intelligence technology to the research on security vulnerabilities was analyzed and summarized in recent years,which pointed out some problems in the application and gave corresponding solutions.Finally,the development trend of intelligent research on security vulnerabilities was prospected. 相似文献
18.
Faiq Khalid Lodhi Syed Rafay Hasan Osman Hasan Falah Awwad 《Journal of Electronic Testing》2016,32(5):569-586
Glitches due to the secondary neutron particles from cosmic rays cause soft errors in integrated circuits (IC) that are becoming a major threat in modern sub 45nm ICs. Therefore, researchers have developed many techniques to mitigate the soft errors and some of them utilize the built in error detection schemes of low-power asynchronous null conventional logic (NCL). However, it requires extensive simulations and emulations for careful and complete analysis of the design, which can be costly, time consuming and cannot encompass all the possible input conditions. In this paper, we propose a framework to improve the soft error tolerant asynchronous pipelines by identifying and formally analyzing the vulnerable paths using the nuXmv model checker. The proposed framework translates the design behavior and specification into a state-space model and the potential vulnerabilities against soft errors in the pipeline as linear temporal logical (LTL) properties. These formally specified properties are then verified on the state-space model and in case of failure counterexamples are obtained. These counterexamples can then be further analyzed to obtain the soft error propagation paths and thus give insights about soft error tolerant approaches to the designers. For illustration, this work provides an analysis and comparison of three state-of-the-art asynchronous pipelines. Formal model and analysis of all the pipelines show that the soft error hardened pipeline is comparatively superior against soft errors but at the expense of almost two times area overhead. 相似文献
19.