期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于内存保护技术的二进制内存破坏型漏洞攻击防护方法研究 被引量:1

Research on Memory-corruption Vulnerability Defense Methods Based on Memory Protection Technology
在线阅读 下载PDF
导出
摘要 新冠疫情在全球的爆发,进一步加速了全球各行业数字化转型的进程.信息化资产价值越来越高,信息安全问题随之而来.漏洞攻击是近年来安全事件频发的根源,漏洞防护能力直接影响了系统的安全,如何在没有补丁的情况下防止漏洞利用成为迫切需求.漏洞利用攻击防护也成为信息安全攻防对抗领域的一个重要研究内容,对二进制漏洞防护方法进行研究,提出了一种新的方法来应对日益增长的漏洞攻击. Since its outbreak of COVID-19 in the world, the process of digital transformation has been further accelerated in all sectors around the world. With the increasing value of information assets, information security problems follow. Vulnerability attacks are the root cause of frequent security incidents in recent years. Vulnerability defense ability directly affects the security of the system. How to prevent vulnerability exploitation without patches has become an urgent need. Vulnerability exploitation defense has also become an important research content in the field of attack and defense confrontation of information security. This paper studies the binary memory-corruption vulnerability defense methods and puts forward a new method to deal with the increasing vulnerability attacks.
作者 姚纪卫 杨芳 Yao Jiwei;Yang Fang(Anxinsec(Beijing)Technology Co.,Ltd.,Beijing 100085)
机构地区 安芯网盾(北京)科技有限公司
出处 《信息安全研究》 2022年第7期694-699,共6页 Journal of Information Security Research
关键词 内存保护技术 内存破坏型漏洞 网络安全 行为监控 漏洞攻击防护 端点安全 memory protection technology memory-corruption vulnerability network security behavior monitoring vulnerability defense endpoint security
分类号 TP309.5 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献7

二级参考文献57

  • 1罗谦,舒辉,曾颖.二进制文件结构化比较的并行算法实现[J].计算机应用,2007,27(5):1260-1263. 被引量:4
  • 2Flake H. Structural comparison of executable objects [C]// Proceedings of the IEEE Conference on Detection of Intrusions, Malware, and Vulnerability Assessment. Dortmund, Germany: SIG SIDAR, 2004.
  • 3Sabin T. Comparing binaries with graph isomorphisms [Z/OL]. (2011-06 25), http= //razor. bindview. com/publish/papers/comparing-binaries, html, 2004.
  • 4Brumley D, Poosankam P, Song D, Jiang Z. Automatic patch-based exploit generation is possible: Techniques and implications, security and privacy [C]// Proceedings of the IEEE Symposium on Security and Privacy. California, USA: IEEE Computer Society, 2008:143 -157.
  • 5eEye Security. eEye binary diffing suite (EBDS) [Z/OL]. (2011-06-25), http://research. eeye. com/html/tools/ RT20060801 1. htm 1. Version 1.0.5.
  • 6Brumley D, Caballero J, Liang Z, Newsome J, Song D. Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation [C]// Proceedings of the USENIX Security Symposium. Boston, USA: USENIX, 2007.
  • 7Software Security Research. Group, School of Software and Mieroelectronics, Peking University. [Z/OL]. (2011 06-25), http : / / www. pku-exploit, corn/.
  • 8Microsoft Corporation [Z/OL]. (2011-06-25), http: //tcchnet. microsoft, com/en-us/security/bulletin/mslO - 015.
  • 9Microsoft Corporation [Z/OL]. (2011-06-25), http microsoft, com/en us/security/bulletin/ms11- 010.
  • 10Microsoft Corporation [Z/OL]. (2011-06-25), http: microsoft, com/en us/security/bulletin/ms10 - 011.

共引文献32

同被引文献10

引证文献1

信息安全研究
2022年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部