摘要
本文根据有限状态自动机和模型检测的思想,结合模糊数学对行为分析的优势,提出基于模糊度量的软件漏洞检测技术,并利用漏洞属性分解和模糊状态转移函数使此技术具有自学习机制和更高效广泛的检测能力。实验测试了利用模糊度量的软件漏洞检测技术可以提高漏洞发现率和给出漏洞的危急程度。
According to finite state automata and model checking,and the advantage of fuzzy math on the behavior analysis,vulnerability detection method based on fuzzy measure.We exploited vulnerability property of decomposition and fuzzy state transition function to make the model more efficient with a wide range of testing capabilities and self-learning mechanism. Experimental test of software using fuzzy metric detection techniques can increase the vulnerability discovery rate and given the extent of the critical vulnerabilities.
出处
《网络安全技术与应用》
2010年第4期12-14,共3页
Network Security Technology & Application
基金
国家863项目(2009AA01Z403)
国家863项目(2009AA01Z435)资助
关键词
漏洞检测
模糊度量
自动机
模型检测
vulnerability detection
fuzzy measure
automata
model checking
