Abstract
Existing code security audits focus mainly on defects of the language itself, that is, on the risks of the API functions the language provides. They cannot understand how the logic and core assets in the software source code relate to the outside world, still less determine whether the source code contains malicious backdoor code. As a result, backdoor code planted by an outsourced development team or a malicious developer cannot be found or located. To address these shortcomings and blind spots of existing solutions, this work builds on existing code security auditing and combines it with the minimum attack surface and a list of protected assets: it analyzes the relationship between all protected information assets and the attack surface, identifies the influence of the protected assets on all code elements within the system, and reviews the related paths to find undesired code execution paths, thereby locating malicious code functionality, identifying malicious programs, and reducing source code security risk.
Source
《计算机安全》
2013, Issue 10, pp. 47-49 (3 pages)
Network & Computer Security
Keywords
information security
code audit
malicious backdoor