现代电子技术2016,Vol.39Issue(9):99-102,4.DOI:10.16652/j.issn.1004-373x.2016.09.022
基于软件体系结构分析的漏洞挖掘技术研究
Research on vulnerability mining technology based on software architecture analysis
唐萍 1张国强1
作者信息
- 1. 国网天津市电力公司 电力科学研究院,天津 300384
- 折叠
摘要
Abstract
To improve the efficiency of vulnerability mining,the vulnerability mining system Fast Fuzzing based on soft⁃ware architecture analysis was designed and implemented in combination with the advantages of symbolic execution,stain analy⁃sis and fuzzing test. This system is composed of architecture analysis,instruction tracing,symbolic execution,stain analysis and dynamic testing. To improve the system efficiency,the traditional technology method was optimized. The experimental re⁃sults show that the Fast Fuzzing system can effectively detect the security problems in IE8 and IE10,successfully trigger multi⁃ple vulnerabilities in IE8 and IE10,which is suitable for the safety testing of common software.关键词
模糊测试/体系结构分析/漏洞挖掘/安全漏洞Key words
fuzzing test/architecture analysis/vulnerability mining/security vulnerability分类
信息技术与安全科学引用本文复制引用
唐萍,张国强..基于软件体系结构分析的漏洞挖掘技术研究[J].现代电子技术,2016,39(9):99-102,4.
