基于符号执行的Unlink攻击检测方法

Unlink攻击是一种Linux平台下面向堆溢出漏洞的攻击方式.已有的缓冲区溢出漏洞攻击检测技术通过检查程序控制流状态来确定程序漏洞触发点,并生成测试用例.但由于堆溢出数据很少直接导致程序控制流劫持以及相关保护机制的限制,已有的检测技术很难判断程序是否满足堆溢出攻击条件.为了提高程序的安全性,实现对Unlink攻击的检测,文中通过对已有Unlink攻击实例的分析,总结了Unlink攻击特征,建立了Unlink攻击检测模型,并根据该模型提出了Unlink攻击检测方法.该方法使用污点分析实现了对程序输入数据以及敏感操作的监控;使用符号执行技术构建程序污点变量传播的路径约束以及触发Unlink攻击的数据约束;通过对上述约束的求解,判断程序堆溢出漏洞是否满足Unlink攻击触发条件,并生成测试用例.实验结果表明,该方法能有效地实现针对Unlink攻击的检测.     

缓冲区溢出漏洞利用研究

远程缓冲区溢出漏洞是网络安全领域最严重的安全漏洞.而远程过程调用广泛应用于分布式环境中,是发起远程缓冲区溢出攻击的常见手段.首先,阐述缓冲区溢出的基本原理,给出windows下利用远程过程调用发起远程缓冲区溢出攻击的一般方法和主要流程,通过一个缓冲区溢出漏洞利用的实例,说明攻击流程和分析方法的有效性,为如何在网络环境下有效防范缓冲区溢出漏洞利用提供指导.     

一种面向语义分析的缓冲区溢出漏洞检测方法

缓冲区溢出引起的漏洞普遍又致命,成为了信息安全方面的重大话题.针对缓冲区溢出漏洞提出了一种面向语义分析的检测方法并加以实现.该检测方法是在原有的语法分析和词法分析的基础上,采用区间运算和改进的Wagner算法等方法,实现了语义分析更深层次上的检测.同已有的检测方法相比,该检测方法实现了对缓冲区溢出漏洞更准确的检测,具有较低的误报率和很好的运行性能.最后,设计并实现了一个原型检测系统,并通过实验证明了系统的有效性.     

巧妙拯救损坏的Word文档

有时,我们在打开Word文档时会发现屏幕上出现许多乱码,无法正常查看其中的内容。此时该怎么办呢?我们可以在Word中打开损坏的文档后,选择“文件→另存为”,在“保存类型”列表中,选择“RTF格式”,然后单击“保存”按钮(如右图)。关闭损坏的文档,打开刚才保存的RTF格式文件,选择“文件→另存为”,在“保存类型”列表中,选择“Word文档”,然后单击“保存”按钮。关闭RTF文档,打开修改后的Word文档。此时,乱码文件就会正常出现在你眼前了.     

基于遗传算法的缓冲区溢出漏洞挖掘技术

Fuzzing漏洞挖掘技术是针对缓冲区溢出漏洞挖掘常用的技术之一,该测试存在随机性和盲目性等问题.为此依据缓冲区溢出攻击的特征策略,结合静态分析的控制流思想,提出了一种基于遗传算法的漏洞挖掘技术,依据缓冲区溢出攻击的特征设计出对应的遗传算法适应度函数,智能引导测试数据逻辑到漏洞程序的危险区域,使其快速命中缓冲区溢出漏洞.仿真实验表明,与模拟退火算法比较,具有更快的收敛速度和较高完备性.     

基于源码分析的缓冲区溢出漏洞检测方法

根据缓冲区溢出原因提出一种基于源码分析的缓冲区溢出漏洞检测方法,该方法对源码预处理后进行静态分析并依次构造相应的抽象语法树、控制流图、函数调用图和变量表,最后建立有限状态自动机检测模型.以容易出现溢出的C/C++源码为例,构造相应的检测模型,结果表明:该检测模型相比已有检测方案,可以更加有效地检测出缓冲区溢出漏洞;同时,该方法对程序代码中的危险函数调用和溢出过滤机制也能进行有效识别从而降低误报率,该检测方法也适用于其他语言的源码检测.     

Windows平台下缓冲区溢出的攻击及防卫

Windows平台下缓冲区溢出的安全漏洞是最为常见的一种形式.更为严重的是,缓冲区溢出漏洞占了远程网络攻击的绝大多数,分析了缓冲区溢出的原理及缓冲区溢出攻击方法,同时也研究了各种防卫手段.     

一种新的缓冲区溢出检测模型

提出了一种基于二进制代码的缓冲区溢出漏洞检测模型,该模型采用静态检测技术和动态检测技术相结合的方法,最大程度的检测程序中可能存在的缓冲区溢出漏洞,并且对静态检测和动态检测的结果进行人工分析,以提高检测的准确率。     

缓冲区溢出攻击的动态检测与防范

缓冲区溢出是被黑客利用得最多的漏洞之一,为了对其进行动态的检测及防范,提出了一种基于地址认证的缓冲区防护(Authentication-Guard)技术.该技术通过修改编译代码,动态检测缓冲区是否发生溢出,对返回地址进行保护,避免了恶意代码的运行.利用该技术,攻击者无法利用计算缓冲区长度来绕开检测,同时也避免了返回地址不可预知的问题.     

构件栈缓冲区溢出漏洞检测系统的设计与实现

随着COM构件技术的广泛使用,COM构件暴露出越来越多的缓冲区溢出安全漏洞。为进一步提高COM构件的安全性,本文设计实现了COM构件栈缓冲区溢出漏洞检测系统CSDS（component stack-overflow detectingsystem）,并在其中实现了一个栈溢出检测算法。CSDS主要有接口分析、函数定位、栈溢出静态分析和结果输出4个模块,接口分析模块分析被测COM构件得到构件的对象、接口及函数的详细信息;函数定位模块获取构件中用户编写的函数在该构件对应的汇编代码中的线性地址;栈溢出静态分析模块使用提出的栈溢出检测算法生成COM构件汇编代码及分析栈溢出漏洞;结果输出模块将检测结果用XML的形式表示出来。所实现的原型系统CSDS对COM构件栈缓冲区溢出漏洞具有一定的检测效果。     

Markedness and its Interpretation in Language Use

Language markedness is a common phenomenon in languages, and is reflected from hearing, vision and sense, i.e. the variation in the three aspects such as phonology, morphology and semantics. This paper focuses on the interpretation of markedness in language use following the three perspectives, i.e. pragmatic interpretation, psychological interpretation and cognitive interpretation, with an aim to define the function of markedness.     

Lower Paleozoic oil relationships within Williston Basin, Canada

The Williston Basin is a significant petroleum province, containing oil production zones that include the Middle Cambrian to Lower Ordovician, Upper Ordovician, Middle Devonian, Upper Devonian and Mississippian and within the Jurassic and Cretaceous. The oils of the Williston Basin exhibit a wide range of geochemical characteristics defined as "oil families", although the geochemical signature of the Cambrian Deadwood Formation and Lower Ordovician Winnipeg reservoired oils does not match any "oil family". Despite their close stratigraphic proximity, it is evident that the oils of the Lower Palaeozoic within the Williston Basin are distinct. This suggests the presence of a new "oil family" within the Williston Basin. Diagnostic geochemical signatures occur in the gasoline range chromatograms, within saturate fraction gas chromatograms and biomarker fingerprints. However, some of the established criteria and cross-plots that are currently used to segregate oils into distinct genetic families within the basin do not always meet with success, particularly when applied to the Lower Palaeozoic oils of the Deadwood and Winnipeg Formation.     

An Analysis of Catherine＇s Character——Wuthering Heights

Wuthering Heights, Emily Bronte＇s only novel, was published in December of 1847 under the pseudonym Ellis Bell. The book did not gain immediate success, but it is now thought one of the finest novels in the English language. Catherine is the key character of this masterpiece, because everybody and everything center on her though she had a short life. We can understand this masterpiece better if we know Catherine well.     

Features of Women's language

Language is a means of verbal communication. People use language to communicate with each other. In the society, no two speakers are exactly alike in the way of speaking. Some differences are due to age, gender, statue and personality. Above all, gender is one of the obvious reasons. The writer of this paper tries to describe the features of women＇s language from these perspectives： pronunciation, intonation, diction, subjects, grammar and discourse. From the discussion of the features of women＇s language, more attention should be paid to language use in social context. What＇s more, the linguistic phenomena in a speaking community can be understood more thoroughly.     

Characterization of Ordovician carbonate reservoirs, southeastern Saskatchewan, Canada

The discovery of the prolific Ordovician Red River reservoirs in 1995 in southeastern Saskatchewan was the catalyst for extensive exploration activity which resulted in the discovery of more than 15 new Red River pools. The best yields of Red River production to date have been from dolomite reservoirs. Understanding the processes of dolomitization is, therefore, crucial for the prediction of the connectivity, spatial distribution and heterogeneity of dolomite reservoirs.The Red River reservoirs in the Midale area consist of 3～4 thin dolomitized zones, with a total thickness of about 20 m, which occur at the top of the Yeoman Formation. Two types of replacement dolomite were recognized in the Red River reservoir: dolomitized burrow infills and dolomitized host matrix. The spatial distribution of dolomite suggests that burrowing organisms played an important role in facilitating the fluid flow in the backfilled sediments. This resulted in penecontemporaneous dolomitization of burrow infills by normal seawater. The dolomite in the host matrix is interpreted as having occurred at shallow burial by evaporitic seawater during precipitation of Lake Almar anhydrite that immediately overlies the Yeoman Formation. However, the low δ18O values of dolomited burrow infills (-5.9‰～ -7.8‰, PDB) and matrix dolomites (-6.6‰～ -8.1‰, avg. -7.4‰ PDB) compared to the estimated values for the late Ordovician marine dolomite could be attributed to modification and alteration of dolomite at higher temperatures during deeper burial, which could also be responsible for its 87Sr/86Sr ratios (0.7084～0.7088) that are higher than suggested for the late Ordovician seawaters (0.7078～0.7080). The trace amounts of saddle dolomite cement in the Red River carbonates are probably related to "cannibalization" of earlier replacement dolomite during the chemical compaction.     

Design and analysis of generic LBS application developing platform

Location based services is promising due to its novel working style and contents.A software platform is proposed to provide application programs of typical location based services and support new applications developing efficiently. The analysis shows that this scheme is easy implemented, low cost and adapt to all kinds of mobile nework system.     

橡胶颗粒沥青混合料低温抗裂性试验研究

以AC-13级配为基础,将橡胶颗粒代替部分集料掺入混合料中,以低温弯曲试验为评价方法对不同橡胶颗粒掺量下沥青混合料的低温抗裂性进行研究,并引入应变能密度值对混合料的低温抗裂性进行综合评价.试验结果表明:橡胶颗粒沥青混合料试件的破坏微应变均超过2 300,满足冬寒区的技术指标;无论是否掺加橡胶颗粒,随着温度的下降,沥青混合料破坏时的最大弯拉强度增大,弯拉应变降低,劲度模量增大;弯曲应变能密度在胶粒掺量为1%左右时具有较大的弯曲应变能密度值,此时橡胶颗粒沥青混合料具有较好的低温抗裂性.     

低渗透非均质砂岩油藏启动压力梯度研究

理论推导与室内实验相结合,建立了低渗透非均质砂岩油藏启动压力梯度确定方法。首先借助油藏流场与电场相似的原理,推导了非均质砂岩油藏启动压力梯度计算公式。其次基于稳定流实验方法,建立了非均质砂岩油藏启动压力梯度测试方法。结果表明:低渗透非均质砂岩油藏的启动压力梯度确定遵循两个等效原则。平面非均质油藏的启动压力梯度等于各级渗透率段的启动压力梯度关于长度的加权平均;纵向非均质油藏的启动压力梯度等于各渗透率层的启动压力梯度关于渗透率与渗流面积乘积的加权平均。研究成果可用于有效指导低渗透非均质砂岩油藏的合理井距确定,促进该类油藏的高效开发。     

Quantitative trait loci （QTLs） for quality traits related to protein and starch in wheat

Quality traits in wheat （Triticum aestirum L.） were studied by quantitative trait locus （QTL） analysis in a recombinant inbred line （RIL） population, a set of 131 lines derived from Chuan 35050 × Shannong 483 cross （ChSh）. Grains from RILs were assayed for 21 quality traits related to protein and starch. A total of 35 putative QTLs for 19 traits with a single QTL explaining 7.99-40.52% of phenotypic variations were detected on 10 chromosomes, 1D, 2A, 2D, 3B, 3D, 5A, 6A, 6B, 6D, and 7B. The additive effects of 30 QTLs were positive, contributed by Chuan 35050, the remaining 5 QTLs were negative with the additive effect contributed by Shannong 483. For protein traits, 15 QTLs were obtained and most of them were located on chromosomes 1 D, 3B and 6D, while 20 QTLs for starch traits were detected and most of them were located on chromosomes 3D, 6B and 7B. Only 7 QTLs for protein and starch traits were co-located in three regions on chromosomes 1D, 2A and 2D. These protein and starch trait QTLs showed a distinct distribution pattern in certain regions and chromosomes. Twenty-two QTLs were clustered in 6 regions of 5 chromosomes. Two QTL clusters for protein traits were located on chromosomes 1D and 3B, respectively, three clusters for starch traits on chromosomes 3D, 6B and 7B, and one cluster including protein and starch traits on chromosome 1D.     

On Tragic Consciousness In The Works By Ernest Hemingway

As an American modern novelist who were famous in the literary world, Hemingway was not a person who always followed the trend but a sharp observer. At the same time, he was a tragedy maestro, he paid great attention on existence, fate and end-result. The dramatis personae's tragedy of his works was an extreme limit by all means tragedy on the meaning of fearless challenge that failed. The beauty of tragedy was not produced on the destruction of life, but now this kind of value was in the impact activity. They performed for the reader about the tragedy on challenging for the limit and the death.