基于补丁结构化图形比较的漏洞发掘技术-计算机系统结构专业论文.docxVIP

II II Abstract During software development, using unsafe codes led to the existence of many different types and causes of the vulnerabilities. Analyzing and preventing these vulnerabilities can effectively maintain system security. To these vulnerabilities, security researchers have put forward many ways to explore and develop the corresponding debugging tools. Because of continually improving the ability and speed to analyze vulnerabilities, software developers began to close the technical details about vulnerabilities, but only provided a corresponding patch file. As a result, vulnerabilities-mining technology based on analysis of patch file became an important vulnerabilities-mining technology. The technology can be effective used to find the differences of software between before and after patching. Thereby obtain the details information of vulnerabilities which be patched. So it is a hot topic in the sphere of information security, and has significance in virus mutation analysis, the use vulnerabilities. In response to the technology, contrasted several major mining techniques, based on classification of vulnerabilities and the analysis of structural graphics, the vulnerabilities mining techniques based on comparison of structural graphics of patches is put forward. The technology compares between different versions of the same file, and makes use of semantic differences of before and after patching to find different areas, thereby positions the location where vulnerabilities occurs. The method is based on structural graphics. Based on the original method, structural signature of call graph was used to compare nodes firstly, and structural signature of control flow graph was combined to match nodes secondly. Then, according to the smallest product of prime numbers, it do further comparison in not-matching nodes. Adoption of the above three steps of the match, it can position the differences between execute codes and complete analysis. Key words: patch, vulnerab