Vulnerability defense method and electronic device
An electronic device and vulnerability technology, applied in computer security devices, electrical digital data processing, instruments, etc., can solve the problems of being unable to defend against stack overflow attacks and failure of defense effects, so as to reduce the risk of loopholes and improve the ability to fight against loopholes , The effect of strengthening the difficulty of positioning
Active Publication Date: 2020-11-17
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF7 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Specifically, when this method is implemented, it usually uses the method of recording the base address of the function call. By comparing whether the base address of the function before and after the call is the same, it is judged whether a stack overflow attack has occurred, and a separate detection module is usually used for stack overflow vulnerability detection. When When the detection module generates a stack overflow vulnerability, it will not be able to defend against stack overflow attacks. In addition, the defense effect will also be invalid when the base address of the recorded function before and after execution is changed.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0042] Hereinafter, specific embodiments of the present application will be described in detail with reference to the accompanying drawings, which are not intended to be limitations of the present application.
[0043] It should be understood that various modifications may be made to the embodiments disclosed herein. Accordingly, the following description should not be regarded as limiting, but merely as exemplifications of embodiments. Those skilled in the art will envision other modifications within the scope and spirit of this disclosure.
[0044] The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the present disclosure and, together with the general description of the disclosure given above and the detailed description of the embodiments given below, serve to explain the principles of the disclosure. principle.
[0045] These and other features of the present application will become apparent from th...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The embodiment of the invention provides a vulnerability defense method and an electronic device, and the method comprises the steps: constructing a mimicry defense architecture which comprises an input agent module, a heterogeneous task pool, a negative feedback control module and a summary judgment module; inputting target program data into the input agent module; enabling the heterogeneous taskpool to compile received target program data based on multiple languages to form multiple program segments, and process the multiple program segments to form multiple independently running executionbody tasks; enabling the summary judgment module to obtain execution results of the plurality of execution body tasks, and determine a target program segment which generates vulnerabilities based on the execution results; and enabling the negative feedback control module to eliminate the target program segment. According to the vulnerability defense method, program data is changed by mimicry transformation on the interior of the program, so that vulnerability can be actively defended, the function base address positioning difficulty can be increased, and the defense capability of the program is improved.
Description
technical field [0001] The embodiments of the present application relate to the field of network defense, and in particular, to a vulnerability defense method and an electronic device. Background technique [0002] In the field of network security, software vulnerability analysis is a very important part. Among the many types of vulnerabilities, buffer overflow vulnerability is the most common type of vulnerability. Buffer overflow, according to the location of the buffer, is divided into stack overflow and heap overflow. Stack buffer overflow refers to the overflow of the buffer by writing content that exceeds its length to the program's buffer, thereby destroying the program's stack and causing the program to execute the data constructed by the attacker in order to achieve the purpose of executing malicious code. . [0003] During the operation of a software system, stack overflow is an important cause of instability of the software system. Due to the occasional characte...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 庄新豪
Owner BEIJING TOPSEC NETWORK SECURITY TECH