Research On Critical Vulnerability Mining And Analyzing Technology Based On CVE

In recent years, some information security technologies and relevant products have already obtained breakthrough development, but research of technology in software vulnerabilities remains passive and laggard. Meanwhile, with the global prevail of Windows Operation System (OS), vulnerabilities based on this OS are emerging in endlessly, and the effect caused by critical vulnerabilities is the most serious. Therefore, researching technology of Windows critical vulnerability is gradually coming into the eyeshot of the security researchers.A critical vulnerability means its exploitation could allow the propagation of an Internet worm without user action, and it is caused data processing error in a software. The Microsoft severity rating system provides a single rating for any vulnerability, and the word 'critical' describes the most serious rating. If hackers make use of this vulnerability successfully, they can take an attack without the system user's attention, and control the OS with the current user's permission.The researching technology of critical vulnerability includes vulnerability mining and vulnerability analyzing. Vulnerability mining technology means seeking for unknown vulnerabilities, applying various kinds of technologies and tools for potential vulnerabilities in software. Vulnerability analyzing technology means deep analysis on the vulnerabilities discovered, making a good base for the management of the vulnerabilities. Mastering the researching technology of critical vulnerability neatly, we can take more active and reasonable measures on these vulnerabilities.However, traditional vulnerability researching technologies haven't shown enough value and potential. About a single vulnerability, the work done by security researchers exist much repeat content, and the efficiency or effect also has some limitations. This text analyzes the basic principles and the limitations of traditional vulnerability researching technologies, puts forward a new vulnerability mining and a new analyzing technology, and also gives the designing of the technologies on Windows2000/XP/2003 platform. This has greatly improved the actual using value of vulnerability researching technologies.This text sets out from the essence of studying Windows critical vulnerability, after deep analysis of the basic principles of traditional technologies, has summarized technologic difficult points and limitation existing. In the line with the question of putting forward afterwards, solving the thinking of the question, has respectively proposed an expansion method of traditional vulnerability mining and analyzing technology. On one hand this text analyzes the commonness of communication based on TCP/IP, has deeply researched the vulnerability mining technology based on protocol shielding, and given the designing of the corresponding vulnerability mining apparatus on Windows2000/XP/2003. Studying the structure of Windows PE on the other hand, combines graphic thinking with vulnerability analysis, has deeply researched the vulnerability analyzing technology based on pattern comparing, and also given the designing of the corresponding vulnerability analyzing apparatus on Windows2000/XP/2003. The technologies proposed above have greatly improved the efficiency, effect, and the actual using value of vulnerability researching technologies.The technologies and the corresponding designing provide new ideas for research of Windows critical vulnerability. They are been further researched at present, and will play a more important role in the future applications.