期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

“心脏出血”漏洞的特点分析和对策建议 被引量:2

Analysis and Suggestion of the Heartbleed
下载PDF
导出
摘要 概括介绍"心脏出血"漏洞的基本概念、发现和公布、攻击和演变、处理和防范等有关情况,从安全通信协议软件、开源软件地位作用、开源软件代码管理和开源软件分析运用等方面分析特点并提出对策建议。 The paper briefly introduces the bug of Heartbleed including its basic concept and the process of finding,publishing,exploiting,evolving,repairing and preventing it.Then the paper analyzes the features of Heartbleed and presents some suggestions from four aspects which are as follows:safe communication protocol software,the importance of open source software,code management of open source software and the analysis and exploitation of open source software.
作者 吴彤 匡兴华 傅中力
机构地区 国防科学技术大学国家安全与军事战略研究中心
出处 《国防科技》 2014年第5期27-30,共4页 National Defense Technology
基金 国防科学技术大学项目
关键词 “心脏出血”漏洞 开源软件 信息安全 Heartbleed open source software information security
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献10

  • 1互联网曝重大安全漏洞 全球六成网站“心脏出血”[N].参考消息,2014-04-11(5).
  • 2CVE-2014-0160[EB/OL].https://www.openssl.org/news/secadv_20140407.txt.
  • 3互联网“心脏出血”首批受害者曝光[N].参考消息,2014-04-20(7).
  • 4“心脏出血”变种威胁安卓用户[N].参考消息,2014-04-22(7).
  • 5安卓系统易受“心脏出血”攻击[N].参考消息,2014-04-15(6).
  • 6美IT巨头集体资助开源软件[N].参考消息,2014-04-26(7).
  • 7“心脏出血”漏洞编写者被曝光[N].参考消息,2014-04-12(7).
  • 8美辩称未借“心脏出血”搜集情报[N].参考消息,2014-04-13(7).
  • 9梅宏,王千祥,张路,王戟.软件分析技术进展[J].计算机学报,2009,32(9):1697-1710. 被引量:101
  • 10武剑杰.软件测试实用教程[M].北京:电子工业出版社,2012.

二级参考文献54

  • 1Shaw M. Truth Vs. knowledge: The difference between what a component does and what we know it does//Proeeedings of the 8th International Workshop Software Specification and Design. Budapest, Hungary, 1996: 181- 185.
  • 2Binkley David. Source code analysis: A road map//Proceedings of the Future of Software Engineering. Minneapolis, MN, USA, 2007:104 -119.
  • 3Dwyer Matthew B, Hatcliff John, Robby, Pasareanu Corina S, Visser Willem. Formal software analysis emerging trends in software model cheeking//Proceedings of the Future of Software Engineering. Minneapolis, MN, USA, 2007: 120- 136.
  • 4Flemming Nielson, Hanne Riis Nielson, Chris Hankin. Principles of Program Analysis. Berlin, Germany: Springer Verlag, 2005.
  • 5Jackson Daniel, Rinard Martin. Software analysis: A roadmap//Proceedings of the Future of Software Engineering. Limerick, Ireland, 2000:133-145.
  • 6Aho Alfred V, Sethi Ravi, Ullman Jeffrey D. Compilers: Principles, Techniques, and Tools. New Jersey, USA: Addison-Wesley, 1986.
  • 7Clarke E M, Jr Grumberg O, Peled D A. Model Checking, Cambridge, MA: MIT Press, 2000.
  • 8Ball T, Rajamani S K. Automatically validating temporal safety properties of interfaces//Dwyer M B ed. Proceedings of the 8th SPIN Workshop. LNCS 2057. Springer, 2001:103-122.
  • 9Chen H, Wagner D A. MOPS: An infrastructure for examining security properties of software//Proceedings of the 9th ACM Conference on Computer and Communications Security. Washengton, DC, USA, 2002:235-244.
  • 10Corbett J et al. Bandera: Extracting finite-state models from Java source code//Proceedings of the 22nd ICSE. Limerick, Ireland, 2000:439-458.

共引文献100

同被引文献4

引证文献2

国防科技
2014年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部