| 基于Unix/Linux系统的软件脆弱性分类法 |
| |
| 引用本文: | 李艺,李新明,姜湘岗.基于Unix/Linux系统的软件脆弱性分类法[J].计算机工程,2005,31(6):4-6. |
| |
| 作者姓名: | 李艺 李新明 姜湘岗 |
| |
| 作者单位: | 1. 装备指挥技术学院,北京,101416
2. 北京电子科技学院,北京,100036 |
| |
| 基金项目: | 国家“863”计划基金资助项目(2003AA1Z2050) |
| |
| 摘 要: | 对目前的软件脆弱性分类方法进行了分析,说明了软件脆弱性的研究现状,提出了引入原因、所在部件、影响、修复、验证、检测和攻击等描述软件脆弱性的关键属性,针对Unix/Linux操作系统,提出了基于软件脆弱性所在部件和引入原因的二维度的脆弱性分类法,对分类法属性的选择进行了说明,详细描述了分类方法,并对设计脆弱性进行了重点说明.
|
| 关 键 词: | 脆弱性 分类法 属性 |
| 文章编号: | 1000-3428(2005)06-0004-03 |
| 修稿时间: | 2004年2月18日 |
A Taxonomy of Software Vulnerabilities in Unix/Linux Systems |
| |
| LI Yi,Li Xinming,JIANG Xianggang.A Taxonomy of Software Vulnerabilities in Unix/Linux Systems[J].Computer Engineering,2005,31(6):4-6. |
| |
| Authors: | LI Yi Li Xinming JIANG Xianggang |
| |
| Affiliation: | LI Yi1,LI Xinming1,JIANG Xianggang 2 |
| |
| Abstract: | This paper analyzes the current taxonomies of software vulnerability, describes the actualities of research on software vulnerability, proposes the key attributes used to describe a software vulnerability which includes cause, location, impact, mend, validation, detection and attack, and then for Unix/Linux operating systems, proposes two-dimensional taxonomy of software vulnerability based on location and cause attributes, analyses the choice reason of taxonomic attributes, and describes in detail the classification scheme with emphasis on the class of design vulnerability. |
| |
| Keywords: | Vulnerability Taxonomy Attribute |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
