摘要
介绍了一种利用厂商发布的漏洞补丁信息分析漏洞细节的方法。该方法的关键是利用PE文件在安装补丁前后的不同,综合运用模式比较的方法建立模式匹配图,从而分析处漏洞的细节以及问题代码。该方法函数比较算法的清晰,以及模式图的差异的直观性,很容易分析出问题代码的位置,从而有效地提高了漏洞分析的成功率。
The paper introduces a method which used the patch information to analyse vulnerability detail. The key of that method is make use of the dissimilarity of PE document in the gearing repair Vulnerability in front and back , the method establishment mode of the comprehensive usage mode comparison matches diagram, analyzing a loophole thus of the detail and the problem code. The method's function comparison calculate way of clear, and the difference of the mode diagram keep a view, the position of the very easily analytical wrong code, raised loophole analytical success rate thus and availably.
出处
《信息技术》
2008年第3期17-20,共4页
Information Technology
基金
黑龙江省自然科学基金项目(F2007-06)
关键词
模式比较
漏洞分析
补丁
逆向工程
mode-comparative
Vulnerability-Analyzing
patch, reverse engineering
