Vulnerability Attack And Defense And Vulnerability Database Design

The research of computer system security vulnerability as well as the vulnerability designing is of great significance to enhance the security of computer system and to reduce security risk.First, this paper introduces the vulnerability theoretical study at home and abroad, as well as the well-known vulnerability database. It introduces the theoretical foundation of vulnerability technology, and describes the definition of security vulnerability. It summarizes the characteristics of the security vulnerability and puts forward the principle of the classification of security vulnerability.Second, this paper focuses on buffer overflow attacks and to prevent vulnerability in technology research. Buffer overflow attacks on the internet are the most extensive means of attack. In this paper the concept of a buffer overflow vulnerability and classification, from the operating system and system memory management perspective on the formation of a buffer overflow vulnerability principle. This paper focuses on Buffer Overflow Vulnerability attack on the technology of the two buffer overflow vulnerabilities examples of the use of the attacks, attacks on the vulnerability in the process of network communications, debug, reverse engineering, and other related technologies. It also made a variety of buffer overflow prevention technology, the buffer overflow detection technology for a detailed discussion, the establishment of a complete prevention system, with a view to effectively reduce the threat of a buffer overflow.Finally, vulnerability in the security features on the basis of the analysis is to establish security vulnerability classified system, as well as the theoretical guidance to achieve a design based on international standards CVE large-capacity database system security vulnerability. As one of the vulnerability in the database application, database based on this loophole, the paper put forward the innovation of a loophole issued by the norms, given the vulnerability in the general steps to release and related measures, the state regulatory agencies in the implementation of our own vulnerability management provide a reference for policy.