Research And Design Of Security Compile Options Evaluation System

On the one hand,the rapid development of network technology has brought convenience to people's life. On the other hand, it also brings a lot of security problems, which often leads to a series of serious consequences of information leakage and so on. The causes of network security problems are various, in which buffer overflow is a very common and very dangerous security vulnerabilities. GNU Compiler Collection provides security compiler options to effectively guard against buffer overflow attacks,reducing the possibility of network attacks. Therefore, effective detection of executable files is very meaningful. However, at present most of the tools can only detect single platform executable file, unable to achieve large-scale detection, cross platform,and can not visually display the results and security level assessment.In this paper, I first research the underlying implementation of the GCC security compiler option and the basic theory of continuous integration system. And then I design a set of security compiler options evaluation system by relying on a company's continuous integration system.The system can detect the software on each product line, in particular, can be cross platform to detect executable file of different operating systems and rating and scoring. The system automatically determine whether security option at compile time to be add successfully, on the one hand eliminating the tedious manual work, on the other hand, saving a lot of human resources, while ensuring the safety of the executable file.This paper focuses on the implementation process of the security compiler option evaluation system, and the main innovations are as follows:(1) On the basis of the original testing tool to add a rating and scoring function, the page can be intuitive display detection results, to facilitate users to view.(2) This system can detect different operating system compiled executable file.Users need not pay too much attention to the testing environment. The system will automatically detect the test environment,and detect the corresponding selection tool, cross platform.(3)This system can automate the implementation of the security compiler option detection work, without wasting a lot of manpower to carry out anti - assembly code analysis, etc.