| With the development of science and technology, information security has been concerned increasingly. Embedded code has been the target of attackers since it stands at the first floor of information system and directly controls hardware device. However, the security defense for embedded code develops actually slowly. Embedded code which is the closest code to hardware device directly influences the security of in formation in the whole system. Therefore the analysis of the security vulnerability in embedded code and researches on the detection techniques have great significance to the information system security defense.This thesis focuses on the researches of security vulnerability in embedded code and the detection methods, the goal that detecting of various types of security vulnerability is achieved. The main work and contributions are as follows:1. A framework is designed to detect various types of security vulnerability in embedded code in different platform. Because of the limitation of current detection methods in capability and expansibility, current detection methods can hardly meet the demands of vulnerability detection for embedded code. Security vulnerability in various embedded code has been analyzed deeply, and then a framework is designed for detecting security vulnerability hided in embedded code.2. In order to deal with different platform embedded code, a method of generating intermediate presentation is presented. Through interpreting assemble instructions by program, this method solves the problem that excessive instruction templates are needed to be wrote in the implement of generating intermediate presentation.3. In order to realize the unified detection, a behavior-tree structure is designed for the representation of behavior characteristics of security vulnerability, which realizes the unification presentation of various types of security vulnerability.4. Aiming at the detection of security vulnerability that hidden in the embedded code, a behavior-based determination method is presented.With this method, the goal that detection of security vulnerability is achieved.The method of detection which is presented by this thesis gets an initial implementation and application in ATCD(Analysis Tool for embedded-Code Defense), which is a protype system aiming at security vulnerability detection has been used in national 863 projects. The method is compared with common detection methods in the end. The experimental results and the comparison show that ATCD gives a fine performance in detecting security vulnerability for embedded code, and it has stronger capability than the others. |
PDF Full Text Request