基于模式比较的漏洞分析技术研究

Research on analyzing technology of vulnerability based on mode-comparative

介绍了一种利用厂商发布的漏洞补丁信息分析漏洞细节的方法。该方法的关键是利用PE文件在安装补丁前后的不同,综合运用模式比较的方法建立模式匹配图,从而分析处漏洞的细节以及问题代码。该方法函数比较算法的清晰,以及模式图的差异的直观性,很容易分析出问题代码的位置,从而有效地提高了漏洞分析的成功率。

The paper introduces a method which used the patch information to analyse vulnerability detail. The key of that method is make use of the dissimilarity of PE document in the gearing repair Vulnerability in front and back , the method establishment mode of the comprehensive usage mode comparison matches diagram, analyzing a loophole thus of the detail and the problem code. The method＇s function comparison calculate way of clear, and the difference of the mode diagram keep a view, the position of the very easily analytical wrong code, raised loophole analytical success rate thus and availably.