摘要
近几十年来,计算机硬件性能和软件规模技术已不同以往,其承载了人类社会生活生产的方方面面.计算机技术的飞速发展,也带来了人们对程序安全问题的关注.由于市面上存在着较多的遗留软件,这些软件无人维护且缺乏源代码支持,其安全性令人担忧,而二进制分析技术被用来解决该类软件问题.二进制分析技术根据其检测方式不同可分为:基于静态的二进制代码分析技术、基于动态的二进制代码分析技术和动静态混合的二进制代码分析技术.本文调研了近年来的二进制代码安全分析领域上相关研究,分别详细阐述了这3类技术中的主要方法,并对其关键技术进行详细介绍.
In recent decades,computer hardware performance and software scale technology have greatly changed,and they have been involved in all aspects of human social life and production.The rapid development of computer technology has also brought about the concern of program security issues.Since there is a large amount of legacy software on the market,which is unmaintained and lacks source code support,people are worried about its security.As a result,binary analysis techniques are used to address security issues of this kind of software.Furthermore,the techniques can be classified as follows according to their detection ways:static binary code analysis techniques,dynamic binary code analysis techniques,and dynamic and static binary code analysis techniques.This study reviews the recent research on binary code security analysis,describes the main approaches in the above three techniques,and introduces the key techniques in detail.
作者
周忠君
董荣朝
蒋金虎
张为华
ZHOU Zhong-Jun;DONG Rong-Chao;JIANG Jin-Hu;ZHANG Wei-Hua(Software School,Fudan University,Shanghai 200433,China;Shanghai Key Laboratory of Data Science,Fudan University,Shanghai 200433,China)
出处
《计算机系统应用》
2023年第1期1-11,共11页
Computer Systems & Applications
关键词
程序安全
二进制分析
静态分析
动态分析
动静态混合分析
program security
binary analysis
static analysis
dynamic analysis
hybrid dynamic and static analysis
