| 防范入侵的静态分析技术比较 |
| |
| 引用本文: | 吴春梅,夏耐,茅兵.防范入侵的静态分析技术比较[J].计算机工程,2006,32(3):174-176,253. |
| |
| 作者姓名: | 吴春梅 夏耐 茅兵 |
| |
| 作者单位: | 南京大学软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093;南京大学软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093;南京大学软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093 |
| |
| 摘 要: | 建立了一个具有常见漏洞的测试代码,然后通过扫描测试代码来比较3个典型应用静态分析技术来防范入侵的常用工具。比较结果揭示了检查漏洞库函数的工具漏报率较低,但误报率较高;基于约束分析的工具误报率较低,但漏报率较高;利用软件模型来检测漏洞的工具在检测违背指定安全规则的漏洞时漏报率较低,但在检测具有许多安全漏洞类型的程序时漏报率却非常低。
|
| 关 键 词: | 防范入侵 静态分析 缓冲区溢出 格式化串溢出 竞争条件 |
| 文章编号: | 1000-3428(2006)03-0174-03 |
| 收稿时间: | 2005-01-02 |
| 修稿时间: | 2005-01-02 |
A Comparison of Static Analysis Technology for Intrusion Prevention |
| |
| WU Chunmei,XIA Nai,MAO Bing.A Comparison of Static Analysis Technology for Intrusion Prevention[J].Computer Engineering,2006,32(3):174-176,253. |
| |
| Authors: | WU Chunmei XIA Nai MAO Bing |
| |
| Affiliation: | 1. State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093; 2. Department of Computer Science and Technology, Nanjing University, Nanjing 210093 |
| |
| Abstract: | A testbed which includes the common vulnerabilities is built. The paper compares three typical and publicly available tools by applying them to the testbed individually for sake of preventing intrusion. The result reveals that the tools building on finding vulnerable library functions have low false negatives rates but high false positives rates, the constrained based tools have low false positives rates but high false negatives rates, and the module checkers have high true positives rates when finding attacks against given security rules, but have high false negatives rates when finding many kinds of vulnerabilities. |
| |
| Keywords: | Intrusion prevention Static analysis Buffer overflow Format string bugs Race condition |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
