• 首页
  • 期刊简介
  • 编委会
  • 投稿指南
  • 收录情况
  • 杂志订阅
  • 联系我们
引用本文:葛立欣.基于系统调用短序列的软件漏洞检测方法研究[J].软件工程,2017,20(2):12-15.【点击复制】
【打印本页】   【下载PDF全文】   【查看/发表评论】  【下载PDF阅读器】  
←前一篇|后一篇→ 过刊浏览
分享到: 微信 更多
基于系统调用短序列的软件漏洞检测方法研究
葛立欣
(包头职业技术学院,内蒙古 包头 014030)
摘 要: 软件受到攻击后将在所执行的系统调用状况中有所体现,因此可将基于系统调用的入侵检测技术应用于软 件漏洞的检测。本文针对无源码的可执行程序,引入系统调用节点和系统调用上下文信息的概念来刻画软件行为的动态 特性和漏洞的位置信息,利用改进的STIDE算法构造软件正常行为特征库来检测并定位漏洞。实验结果表明该方法能够 准确获取软件行为信息,且具有较强的漏洞检测能力。
关键词: 漏洞检测;行为建模;系统调用短序列;STIDE算法;函数调用链
中图分类号: TP393.08    文献标识码: A
A Study of the Software Vulnerability Detection Method Based on the Short Sequence of System Calls
GE Lixin
( Baotou Vocational & Technical College, Baotou 014030, China)
Abstract: After the software is attacked,the influence will be reflected in the status of the executed system call. Therefore,the intrusion detection technology based on system calls can be applied into the detection of software vulnerabilities.In order to analyze the executable program without source code,the concept of the system call node and the context information are introduced to depict the dynamic behavior characteristics of the software and the localization information of the vulnerabilities in this paper.Furthermore,the vulnerabilities can be detected and located by building the normal behavior characteristics library based on the improved STIDE algorithm.The experiment results show that the behavior information of the software can be obtained and the vulnerabilities can be detected accurately by applying the above method.
Keywords: vulnerability detection;behavior modeling;the short sequence of system calls;STIDE algorithm;function call chain


版权所有:软件工程杂志社
地址:辽宁省沈阳市浑南区新秀街2号 邮政编码:110179
电话:0411-84767887 传真:0411-84835089 Email:semagazine@neusoft.edu.cn
备案号:辽ICP备17007376号-1
技术支持:北京勤云科技发展有限公司

用微信扫一扫

用微信扫一扫