摘要
在计算机系统中,驱动程序相当于操作系统和底层硬件的交互纽带,其正确性不容忽视。以Linux内核网卡驱动程序为主要分析对象,通过对网卡驱动程序的基本功能模块进行分析,借助符号执行技术,提出了一种基于规则检查的网卡驱动程序分析方法,构建了一个自动化分析系统。针对Linux 2.6.29版本的内核,利用该系统进行测试,结果表明该系统可以快速有效发现新脆弱性。
In a computer system, the driver serves as an interaction bridge of between operating system and underlying hardware, and thus its validity should not be ignored. By taking the Linux kernel net-driver as the major object, through analysis on the basic function module of net drivers, and with the help of symbolic execution, an analysis method based on rules checking for net drivers is proposed, and a automatic analysis system constructed. For Linux kernel 2.6.29 version, the proposed system is used to carry out test, and the result shows that this system can find new vulnerability quickly and efficiently.
出处
《信息安全与通信保密》
2016年第6期83-87,共5页
Information Security and Communications Privacy
关键词
网卡驱动
脆弱性
符号执行
规则检查
net driver
vulnerability
symbolic execution
rules checking
