Font Size: a A A

Based On The Vulnerability Of Data Blocks Associated With The Model To Explore Technology And Its Application

Posted on:2011-07-11Degree:MasterType:Thesis
Country:ChinaCandidate:E B SuFull Text:PDF
GTID:2208360308466171Subject:Computer application technology
Abstract/Summary:
Computer security has gradually become the focus of public attention since the popularity of the Internet. Security has also become the industry's most headache problem. The affairs that use Trojan horses, viruses and worms to steal user's sensitive personal information happened more and more on the Internet. But most of these malicious codes, their production, infection and transmission are related to computer security vulnerability. With the standardization of software development process and software testing technology development, discovering software vulnerabilities becomes more and more difficult.This thesis studies the causes of software vulnerabilities as well as vulnerability classification, especially discusses Krsul's vulnerability classification model of Purdue University. And we also discuss buffer overflow and provide the source code that contains the buffer overflow. This thesis also studies the traditional techniques of discovering vulnerability: source code auditing, binary code auditing, patch files compare and fuzzing technique. We discuss the principles of fuzzing technique in details; especially the network protocols, file formats and ActiveX vulnerability discovered tools.Fuzzing technology is currently the most used and effective method to discover software vulnerabilities. But becaust of its own shortcomings, it becomes less effective when is used to test applications of complex input interface. This thesis proposes the Theory of Data-block Association Model, and the theory's main idea is dividing the test data into different data blocks, and distinguishing the association between different data blocks.This thesis designs to use XML file describing various network protocols'data format and defines different types of nodes to describe the network protocol command format. In order to discover application vulnerabilities more accurately and reduce the rate of omission, we also study Windows system's dynamic debugging techniques, design and implement a Windows debugger to monitor the target process's debug events, particularly exception event. Windows system is currently the most widely used operationg system, and the vulnerabilities of its core services always bring us great damage, but they areo difficult to detect. So we study Windows system's remote procedure call architecture and communication mechanism, design and implement vulnerability discovered system that bases on the Theory of Data Block Associated Model. The XML file that is used by the system has a good flexibility, and the system can quickly and accurately capture the target process's exception event. The vulnerability discovery system has a great superiority compared with the similar products.
Keywords/Search Tags:Vulnerability, Vulnerability Discovery, Fuzzing Technology, Data Block Association, Remote Procedure Call
Related items