| With the rapid development of computer science and Internet technology, software security issues have become one of the main threats to information systems, and the attack and defense of software vulnerabilities has become an important research field in information security. To address this problem, this paper presents research on software vulnerability defense strategies based on topological structure. It points out the relationship between the software implementation process and software topological structure, explores effective security reinforcement technology for the software implementation process, and integrates that reinforcement technology into the process based on topological structure. The paper first provides a software program analysis method based on topological structure from three aspects: system architecture, function invocation and binary code. Combining the advantages of traditional software vulnerability detection technology and software topological structure, it also proposes a path detection technology based on a new path called AEPC. The work rests on a key observation: most control-flow attackers invoke sensitive APIs to achieve their malicious purpose. We use AEPC to simplify the control-flow check path and then reinforce the software implementation process. The method is divided into two phases: offline analysis and dynamic reinforcement. During offline analysis, we first analyze the software's logical topological structure and layered module structure, then extract and simplify the secure detection path of the target program based on that topological structure.
In the dynamic reinforcement phase, we use the offline information for run-time enforcement, ensuring validity and integrity through path tracking, dynamic detection, behavior analysis and threshold setting, and stopping the hijacking to defend against the attacks. The results of the experiment showed that our method is able to detect and prevent control-flow attacks with malicious API invocations. Compared with existing methods, the system performance is improved. |
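
The two-phase idea in the abstract (offline extraction of call paths that end in sensitive APIs, then run-time checking only at those APIs) can be illustrated as follows. This is an added example, not the paper's AEPC implementation, which the abstract does not specify; the call graph, function names and sensitive-API list are constructed for illustration.

```python
# Constructed call graph (caller -> callees); an assumption, not from the paper.
CALL_GRAPH = {
    "main": ["parse_request", "log_event"],
    "parse_request": ["handle_upload", "handle_exec"],
    "handle_upload": ["write_file"],
    "handle_exec": ["run_helper"],
    "run_helper": ["execve"],
    "log_event": ["write_file"],
    "write_file": [],
    "execve": [],
}
SENSITIVE_APIS = {"execve"}  # assumed list of sensitive APIs


def offline_paths(graph, entry, sensitive):
    """Offline phase: enumerate acyclic call paths from entry to sensitive APIs.

    Paths that never reach a sensitive API are discarded, which is what
    shrinks the set of paths the run-time check has to know about.
    """
    allowed = set()
    stack = [(entry,)]
    while stack:
        path = stack.pop()
        node = path[-1]
        if node in sensitive:
            allowed.add(path)
            continue
        for callee in graph.get(node, ()):
            if callee not in path:  # skip recursion cycles
                stack.append(path + (callee,))
    return allowed


def check_invocation(allowed, sensitive, observed_chain):
    """Run-time phase: validate the call chain only at a sensitive API."""
    if observed_chain[-1] not in sensitive:
        return "not-checked"  # ordinary calls are not tracked
    return "allow" if tuple(observed_chain) in allowed else "block"


if __name__ == "__main__":
    allowed = offline_paths(CALL_GRAPH, "main", SENSITIVE_APIS)
    # Constructed chain: execve reached from write_file, an edge absent
    # from the graph, as a hijacked return or indirect call would produce.
    hijacked = ["main", "parse_request", "handle_upload", "write_file", "execve"]
    print(check_invocation(allowed, SENSITIVE_APIS, hijacked))
```
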