亚洲a人成天堂,午夜国产精品无码视频,国产精品美女久久久久9999,波多野结衣久久免费看,国产在线国偷精品产拍,久久综合亚洲色hezyo国产,十八禁啪啦拍无遮拦视频,18禁裸身美女网站,日本少妇一级精品,无遮挡在线观看

摘要:軟件漏洞是發(fā)生安全事件的重要原因。在計算機安全學中，漏洞指的是存在于一個系統(tǒng)內的弱點或缺陷，系統(tǒng)對一個特定的威脅攻擊或危險事件的敏感性，或進行攻擊的威脅作用的可能性。據(jù)CERT（Computer Emergency Response Team）統(tǒng)計，自蠕蟲事件以來，Internet安全威脅事件逐年上升，近年來尤為迅猛，從1998年到2010年，平均每年增長幅度到50%左右，促使這些安全事件的主要因素是系統(tǒng)和網(wǎng)絡安全脆弱性層出不窮，給Internet帶來了巨大的經(jīng)濟損失。

　　　目前對于軟件漏洞加強研究，可以有效的減少安全事件的發(fā)生，從而減少經(jīng)濟損失，促進計算機網(wǎng)絡的健康和安全發(fā)展。

　　　本文通過對軟件漏洞的研究，提出代碼的審計方法，以減少安全事件的發(fā)生，從而達到一種主動防御的效果。本文的主要工作包括：

　　　1、探討漏洞產(chǎn)生分類和相關的原理。

　　　2、對軟件漏洞分析方法的探討。

　　　3、設計實現(xiàn)代碼審計的軟件。 

　　　4、對設計的軟件進行用例測試。 

　　　5、對測試結果進行評估，給出了安全編碼建議。 

關鍵詞：惡意代碼、軟件漏洞、代碼審計、主動防御、信息安全

Abstract:Malicious code is always transferred by Software vulnerabilities. The Software vulnerabilities are the most important reason for the safety events. In the field of computer safety, leak is the vulnerability in the system of computer. And it is the sensitive to the special the threaten attack or dangerous events. It also appears possibility of threaten of attack. According to statistics of the Computer Emergency Response Team, with the occurrence of worm incident, the chance of safety events on Internet is increasing year after year, especially in recent years. From 1998 to 2010, the growth margin reaches to fifty percent on average. The main reason of which is the vulnerability of system and network safety emerges in endlessly leading to tremendous economic loss.

　　At present, reinforcing the research of software leak can decrease the occurrence of safety incidents efficiently to reduce the loss of economy which bring the healthy and safe development of the network.

　　By the study of the vulnerability, this paper put forward the way of code review to reduce the happen of the safety events and achieve the effect of active defense.

　　1. Discuss the classification and the relevant principle of software leak.

　　2. Discuss the analysis way of software leak.

　　3. Design the software of code review.

　　4. Test the software.

　　5. Evaluate the result of test, and propose the advice on possible defect in use.

Key words: malicious code; software vulnerabilities; code review; active defense; information security