[1] LE De-guang, ZHANG Liang, ZHENG Li-xin, et al. Research on Word Vulnerability Analysis for the RTF File[J]. Journal of Huaqiao University (Natural Science), 2015, 36(1): 17-22. [doi:10.11830/ISSN.1000-5013.2015.01.0017]

Research on Word Vulnerability Analysis for the RTF File

Journal of Huaqiao University (Natural Science) [ISSN:1000-5013/CN:35-1079/N]

Volume:
36
Issue:
No. 1, 2015
Pages:
17-22
Publication date:
2015-01-20

Article Info

Title:
Research on Word Vulnerability Analysis for the RTF File
Article ID:
1000-5013(2015)01-0017-06
Author(s):
LE De-guang (1, 2), ZHANG Liang (2), ZHENG Li-xin (2), LI Xin (2), CHEN Jing-tu (3)
1. School of Computer Science and Engineering, Changshu Institute of Technology, Suzhou, Jiangsu 215500, China; 2. College of Engineering, Huaqiao University, Quanzhou, Fujian 362021, China; 3. Xiamen Rest Software Technology Company Limited, Xiamen, Fujian 361005, China
Keywords:
rich text format; document; software security; Word vulnerability exploit
CLC number:
TP393
DOI:
10.11830/ISSN.1000-5013.2015.01.0017
Document code:
A
Abstract:
To address exploitation attacks against Word's parsing of Rich Text Format (RTF) documents, this paper reverse-engineers the Word program to study how buffer overflow vulnerabilities arise during RTF document parsing, and proposes a vulnerability analysis method based on instruction backtracking and the construction of characteristic data. Using this method, the paper analyzes the triggering cause, triggering point and triggering mechanism of the Word vulnerability, and gives an analysis process for buffer overflow vulnerabilities in RTF document parsing. Experimental results show that the method can effectively detect RTF document parsing vulnerabilities in Word.


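Memo:
Received: 2014-10-08
Corresponding author: LE De-guang (born 1975), male, associate professor, Ph.D., mainly engaged in research in the field of information security. E-mail: ledeguang@gmail.com.
Funding: Fujian Province Internet of Things Cloud Computing Platform Construction Fund Project (2013H2002); Science and Technology Plan Project of Quanzhou, Fujian Province (2012Z83); Science and Technology Plan Project of Fengze District, Quanzhou, Fujian Province (2013FZ46); Huaqiao University High-Level Talent Research Start-up Project (12Y0357)
Last Update: 2015-01-20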