摘要
本文首先通过对软件安全漏洞发掘相关技术的研究和分析,针对静态分析和动态分析的优缺点,提出一套比较实用的软件安全漏洞挖掘技术,然后使用该技术对自编的overflow-strepy.exe和no-loop-overflow-strepy.exe两个实际应用程序进行检测,准确的检测出了程序中的漏洞。
At first, according to the research and analysis to the technology about the software security vulnerabilities, and dealing with the strengths and weaknesses of the static and dynamic analysis, this paper proposed a more practical mining of software security vulnerabilities, and then use the selfedited technology to detect two practical applications, which are the overflow-strepy.exe and no-loopoverflow-strepy.exe, and it detected the loopholes accurately.
出处
《山东纺织经济》
2010年第5期107-109,共3页
Shandong Textile Economy
关键词
软件安全
静态分析
动态检测
漏洞挖掘
software safety, static analysis, dynamic detection, loophole mining
