Updates of Vulnerability Detection Technology for computer software

Updates of Vulnerability Detection Technology for computer software

 

1. Computer software vulnerabilities and their status quo

We often say that computer software vulnerabilities are software security vulnerabilities in a broad sense. They mainly refer to defects that are prone to security threats to the entire computer software system during software preparation, or the sum of various factors that can affect the operation of the entire system. Because computer software is compiled manually, security vulnerabilities may be caused by incomplete consideration of software compilation personnel during software compilation. This is a problem that exists in every computer system, therefore, the vulnerability is normal.

But at the same time, once discovered by some hackers, vulnerabilities in computer software will become the target and breakthrough of the attack. Therefore, while we cannot avoid computer software vulnerabilities, it is necessary to scan computer software and fix discovered vulnerabilities in a timely manner. This is also a standard for evaluating the security performance of a computer system.

From the current situation, hackers use vulnerabilities in computer software systems to conduct attacks, which is the most important occurrence of the current software system security period. In addition, most of the active online attacks are some novice hackers, they are attacking vulnerabilities in computer software systems. For example, the number of attacks on vulnerabilities is inversely proportional to the vulnerability release time. That is to say, the latest software vulnerabilities have been attacked by hackers many times. This is also because Microsoft promptly patches vulnerabilities detected in the system. The longer the vulnerability is released, the more users patch the vulnerability. Therefore, it is important for information security personnel to quickly detect software vulnerabilities and update them accordingly.

2. Common Computer Software Vulnerability Detection Technologies

Information security personnel have been dealing with vulnerabilities and hackers for more than half a century. Therefore, in vulnerability detection technology, it also forms a series of detection practices. Nowadays, we usually use the following methods to detect computer software vulnerabilities:

(1) Static detection. Static detection technology is a software static test that our software engineers often say. Through some technology, we can directly analyze the source code of the software and analyze the syntax and semantics in the programming source code, detects and removes potential security risks or software vulnerabilities from the most basic logic. Currently, the main methods used in static testing include inference, data stream analysis, and constraint analysis. Among them, inference is mainly to summarize the source code of the same syntax type and make specific inferences. Data Stream Analysis analyzes the trend of data in the source code through the breakpoint detection method, in order to determine whether there are security risks in the source program, the constraint analysis is to add some possible constraints in some places of the source code to check whether the software has corresponding security risks.

Although static analysis can directly remove and troubleshoot software security risks, it cannot completely detect vulnerabilities in the software, therefore, we also need to find other software testing methods.

(2) dynamic testing. Dynamic Testing is different from static analysis. It first "runs" the software and extracts the numerical changes of the software variables within a specific time range for analysis when the software is executed, check whether the software meets our predefined change track to determine where the software is secure. One way of dynamic testing is to collect software data during the dynamic testing process, while the other is to keep a full record of the information in the execution process, then, use the information to match the vulnerability pattern and find software vulnerabilities.

(3) Hybrid Detection. Hybrid Detection is not simply a combination of static detection and dynamic detection to form a static detection method. The detection method derived from the content of the two methods is combined with the characteristics of the two detection methods. This includes the testing database technology, source code adaptation technology, and exception detection technology. These technologies use hybrid software Vulnerability Detection Technology in different needs and environments.

Through the detection technology of computer vulnerabilities, computer software and computer vulnerabilities can be identified as soon as possible, so as to promptly fix and update software vulnerabilities, and to a certain extent complete vulnerability detection. In order to make the computer better run, and ensure the safety of the Operation during the period. Vulnerability Detection Technology must be developed and researched. In addition, you must pay attention to the classification of the vulnerability risk level.

3. Fixing and updating computer software vulnerabilities

 

The vulnerability repair and update concepts are very broad. They include not only updates to computer software, but also fixes security patches, the frequent installation of firewalls, anti-virus software, and the change of security passwords in some key parts can be seen as vulnerability fixes and updates for the most computer software. Taking installing official patches as an example, Microsoft first proposed to fix computer software vulnerabilities, effective management is required for Patch identification, deployment, and evaluation throughout the lifecycle of the patch, so that the patch will not become a software security vulnerability again. There are several mature management models in the management of software vulnerabilities and fixes:

 

(1) Microsoft Patch Management model. As an oligarchy of global computer systems, Microsoft's patch management model has gradually become a standard for other vendors. Microsoft Patch Management starts from vulnerability identification and goes through the planning, testing, and deployment phases. The whole process evaluates and identifies the threat levels of computer vulnerabilities, and takes out and implements a patch plan during the planning phase, then, all-round tests are carried out in the implant system to the final deployment phase. However, patch feedback must be sorted out and analyzed in a timely manner in the future.

(2) CNCERT/CC patch management process. The patch management process comes from China's National Computer Network Emergency Technical Handling coordination center, which regards Patch Management as a special type of engineering management, it can also be divided into three parts: Pre-management, implementation process management, and post-event management. In general, it is similar to Microsoft's management model, but it only takes some measures in post-event management to ensure the stability of computer software systems.

4. Conclusion

In short, with the popularization of computer technology and the cultivation of more and more computer software talents, the number of hackers will also increase. Therefore, the security of computer software also requires higher technological reform. As an ordinary user of our computer software, it is normal to discover software vulnerabilities, but at the same time, we should do a good job of confidentiality, and do not spread the vulnerabilities, instead, even if we give feedback to the corresponding vendors and ask them to perform corresponding updates, we can have a better environment for computer software.