Database virtual patch protection method

Abstract

The invention discloses a database virtual patch protection method. The method comprises the steps that patch information released by a database manufacturer is received; reverse analyses of machine instructions are conducted on a database before and after the patch, the machine instructions of a binary system in an executable file are restored into assembly language codes in a reverse direction; the assembly language codes are analyzed and expressed as a mutual call relationship for different functions and between the functions, binary files are converted into diagraphs, call relationships and function control flow diagrams of the binary files after the anti-compilations are obtained through analyses, the basic block number, the jump side number and other function call numbers in the flow diagram are controlled through calculation, and the signatures of the functions are generated; the functions are paired according to the function signatures, codes triggering security loopholes are positioned according to the paired functions and non-paired functions and through checks on the non-paired functions; effective attack graphs are generated based on the loophole information and the positioned codes which trigger security loopholes, and virtual patch protection rules are established.

Description

technical field [0001] The invention belongs to the field of database security and relates to a database virtual patch protection method. Background technique [0002] The database system is the basic platform in the information system. The key business systems of many government agencies, military departments, and enterprise companies are stored in the database. If the security of the database cannot be guaranteed, the application system on it will also be accessed or destroyed illegally. Although the current mature commercial database management systems have security functions such as identity authentication, access control, and auditing, which provide certain security guarantees for database security, there are still the following problems in database security: [0003] 1. Database vulnerabilities are on the rise. With the improvement of user requirements for the functions of the database management system, the scale of the database management system becomes larger and l...

AI Technical Summary

Problems solved by technology

With the improvement of user requirements for the functions of the database management system, the scale of the database management system becomes larger and larger, and the risk of security vulnerabilities in the database management system continues to increase. If these vulnerabilities are ignored, the database faces the risk of core data being leaked

[0004] 2. Hastily upgrading the database may lead to application exceptions

Database upgrades and patching require the cooperation of database administrators, application system administrators, and other parties. If the system changes that may be caused during the database upgrade and patching process are not fully considered, the application may not work normally after the database system upgrade

[0005] 3. Database patches cannot prevent preset backdoors

[0006] Therefore, database administrators are faced with such a predicament: database loopholes must be patched, and patching loopholes faces the risk of affecting applications, but no matter what, they cannot fundamentally prevent the helpless situation of database backdoors

Images