| 一种有效的Cisco IOS映像注入攻击分析方法 |
| |
| 引用本文: | 曾 诚,刘胜利,肖 达,陈立根. 一种有效的Cisco IOS映像注入攻击分析方法[J]. 计算机应用研究, 2013, 30(12): 3775-3778 |
| |
| 作者姓名: | 曾 诚 刘胜利 肖 达 陈立根 |
| |
| 作者单位: | 解放军信息工程大学 数学工程与先进计算国家重点实验室, 郑州 450000 |
| |
| 基金项目: | 郑州市科技创新团队项目(10CXTD150) |
| |
| 摘 要: | 针对Cisco IOS映像注入攻击提出了一种基于虚拟化的恶意代码分析方法。通过虚拟化技术的研究, 设计实现了虚拟化分析平台CDAP(Cisco dynamic analysis platform), 为IOS系统提供了运行环境, 在此基础上, 采用指令信息截获与过滤技术、数据跟踪技术对注入到IOS映像中的恶意代码进行分析。使用该方法可对遭受IOS注入攻击的多型号多版本的Cisco IOS映像进行分析。实验结果证明了该方法的有效性。
|
| 关 键 词: | Cisco IOS 虚拟化技术 代码分析 指令截获 指令过滤 数据跟踪 |
Effective method for analysis of Cisco IOS image injection attack |
| |
| ZENG Cheng,LIU Sheng-li,XIAO D,CHEN Li-gen. Effective method for analysis of Cisco IOS image injection attack[J]. Application Research of Computers, 2013, 30(12): 3775-3778 |
| |
| Authors: | ZENG Cheng LIU Sheng-li XIAO D CHEN Li-gen |
| |
| Affiliation: | State Key Laboratory of Mathematical Engineering & Advanced Computing, PLA Information Engineering University, Zhengzhou 450000, China |
| |
| Abstract: | This paper proposed a method for analysis of malicious code to resist the injection attack of Cisco IOS image based on the virtualization. After the research of visualization, it designed and realized a platform called CDAP to run the IOS. On the basis of CDAP, it analyzed the malicious code injected in the IOS image, with data tracking and instruction interception and filtration technique. Using this method, it analyzed multiple models and versions of IOS images that suffered injection attack. The result of experiment demonstrates this method is effective. |
| |
| Keywords: | Cisco IOS virtualization code analysis instruction interception instruction filtration data track |
|
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
