Institutional Repository of the Institute of Software, Chinese Academy of Sciences
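Title: Static Code Analysis and Defense for Software Security Defects (面向软件安全缺陷的静态代码分析及防御)
Author: 罗宇翔
Defense date: 2007-05-29
Degree-granting institution: Institute of Software, Chinese Academy of Sciences
Place of conferral: Institute of Software
Degree: Doctorate
Keywords: defect checking; static code analysis; defect definition language; security defense; address space randomization
Alternative title: Static Code Analysis and Defense Oriented to Software Security Bug
Abstract: As software grows in scale, it becomes increasingly complex. Software security defects of various kinds have caused serious security problems and even major losses of resources. To reduce this risk and loss, software developers adopt a range of measures during the software engineering process. Static code analysis, one important such measure, is already widely used to find software security defects. However, existing static code analysis tools, especially open-source ones, still have considerable problems in the scale of code they can analyze and in accuracy. The static code analysis system designed and implemented in this thesis (ABAZER) adopts effective methods both to increase analysis scale and to improve accuracy. This thesis describes the design and implementation of ABAZER in detail. ABAZER provides a defect definition language (BDL) that lets users define their own temporal-logic security defects. To make defect definitions more precise, BDL also supports a degree of value analysis. ABAZER uses program analysis techniques such as control flow analysis, introduces equivalence and alias analysis to improve accuracy, and uses source code optimization and multiple caches at different levels to improve detection speed and analysis scale. This thesis applies ABAZER to the source code of a large operating system, and the experimental results show that ABAZER is highly practical and effective. Buffer overflow is one of the most common types of software security defect; this thesis studies a defense mechanism against buffer overflow, address space randomization. It describes the design and implementation of address space randomization in FreeBSD6.0, and evaluates its protective effect both theoretically and through practical testing.
English abstract: As software grows in scale day by day, it becomes more and more complicated. Various kinds of security bugs hidden in software have caused serious security problems and even great losses of resources. Software developers adopt many measures during software development in order to reduce the risk. As an important one of these measures, static code analysis has been used to find software security bugs. But the present static code analysis tools, especially those that are open source, cannot achieve a good comprehensive effect on scale and accuracy. ABAZER, an automated bug analysis system given in this paper, adopts some effective methods to resolve the problem. This paper describes the design and implementation of ABAZER in detail. ABAZER provides a language called BDL, which users can use to define various temporal logic security bugs. BDL adopts a state machine to describe this kind of bug. In order to define bugs more accurately, the BDL language provides a kind of value-variable to partly support value analysis. ABAZER uses control flow analysis and some other program analysis techniques to analyze source code. Equivalence and alias analysis are supported in order to improve accuracy. To improve speed and scale, ABAZER implements several caches at different levels and provides a new algorithm to optimize source code. We have applied ABAZER to real-world source code. One application is on the kernel of a secure operating system, and the result indicates that ABAZER is practical and effective. As buffer overflow is a popular kind of software security bug, we conduct study and experiment on address space randomization, an effective dynamic defense mechanism against buffer overflow attacks. This paper describes the design and implementation of address space randomization in FreeBSD6.0, and an evaluation of the effectiveness of the defense is also given.
Language: Chinese
Content type: Dissertation
URI: http://ir.iscas.ac.cn/handle/311060/5670
Appears in Collections: Institute of Software, Chinese Academy of Sciences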

Files in This Item:
File Name / File Size; Content Type; Version; Access; License
10001_200428015029034罗宇翔_paper.doc (14889KB); --; --; Restricted access; --; contact to obtain the full text

Recommended Citation:
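罗宇翔. Static Code Analysis and Defense for Software Security Defects (面向软件安全缺陷的静态代码分析及防御) [D]. Institute of Software. Institute of Software, Chinese Academy of Sciences. 2007-05-29.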