A vulnerability defense method and electronic device
An electronic device and vulnerability technology, which is applied in computer security devices, electronic digital data processing, instruments, etc., can solve the problems of inability to defend against stack overflow attacks and failure of defense effects, so as to reduce the risk of vulnerabilities and improve the ability to resist vulnerabilities. , the effect of increasing the difficulty of positioning
Active Publication Date: 2021-10-15
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF8 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Specifically, when this method is implemented, it usually uses the method of recording the base address of the function call. By comparing whether the base address of the function before and after the call is the same, it is judged whether a stack overflow attack has occurred, and a separate detection module is usually used for stack overflow vulnerability detection. When When the detection module generates a stack overflow vulnerability, it will not be able to defend against stack overflow attacks. In addition, the defense effect will also be invalid when the base address of the recorded function before and after execution is changed.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0042] Below, specific embodiments of the present application will be described in detail in conjunction with the accompanying drawings, but it is not intended as a limitation of the present application.
[0043] It should be understood that various modifications may be made to the embodiments disclosed herein. Accordingly, the following description should not be viewed as limiting, but only as exemplifications of embodiments. Those skilled in the art will envision other modifications within the scope and spirit of the disclosure.
[0044] The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and, together with the general description of the disclosure given above and the detailed description of the embodiments given below, serve to explain the embodiments of the disclosure. principle.
[0045] These and other characteristics of the present application will become apparent from the following...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The embodiment of the present application provides a vulnerability defense method and an electronic device. The method includes: constructing a mimic defense framework, including an input agent module, a heterogeneous task pool, a negative feedback control module, and a summary decision module; Input object program data; the heterogeneous task pool compiles the received object program data based on multiple languages to form multiple program segments, and processes the multiple program segments to form multiple independently running executive tasks ; The summary decision module obtains the execution results of the multiple executive tasks, and determines the target program segment that will generate a loophole based on the execution result; the negative feedback control module eliminates the target program segment. The loophole defense method of the present application changes the program data through mimetic transformation inside the program, which not only can actively defend against loopholes, but also increases the difficulty of function base address location and improves the program's own defense capability.
Description
technical field [0001] The embodiments of the present application relate to the field of network defense, and in particular to a vulnerability defense method and electronic equipment. Background technique [0002] In the field of network security, software vulnerability analysis is a very important part. Among many types of vulnerabilities, buffer overflow vulnerability is the most common type of vulnerability. Buffer overflow, according to the location of the buffer, is divided into stack overflow and heap overflow. Stack buffer overflow refers to the overflow of the buffer by writing the content exceeding its length to the buffer of the program, thereby destroying the stack of the program, making the program execute the data constructed by the attacker instead, so as to achieve the purpose of executing malicious code . [0003] During the operation of a software system, stack overflow is an important cause of software system instability. Due to the sporadic nature of sta...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/566
Inventor 庄新豪
Owner BEIJING TOPSEC NETWORK SECURITY TECH