| The popularization of software has brought people much convenience and changed our life at the same time. But there are lots of errors hided in software, which will cause vulnerabilities or security hole in system and bring huge risks. Now many institutes and companies pay more attention to finding methods to avoid software errors. The paper analyzes the software vulnerability, the most dangerous kind of errors in software. Promotes a method for finding software vulnerability based on the technology used in the reverse engineeing domain, which improves exactness on original vulnerability analysis method.First, the dissertation points out that the vulnerability is the most dangerous security hole of software, expounds background and studies of this field, and shows the advantages and disadvantages of original static and dynamic vulnerability analysis method. Then we brings a new vulnerability analysis method, which comes from reverse engineeing method that combining static and dynamic analysis methods to improve it's exactness and performance, so it can conveniently find vulnerability of program binary-code. Following the method, we finish a complete design of a software vulnerablity reverse analyze system(SVAS). It includes the functions framework, modules design and partition and development kit of system. At last, we analyze the method of software vulnerablity analyze and give out a conclusion of our SVAS sytem. |
PDF Full Text Request