基于静态分析的java源代码后门检测技术研究
Backdoor Detection for Java Language Based On Static Analysis
WEB工程中存在的后门会给网站安全带来极大风险,针对日益猖獗的后门攻击,本文提出了一种基于静态分析的后门检测技术,该技术通过分析源代码,可以检测出java语言WEB工程中存在的主要后门漏洞,并结合流分析及关键数据传播分析,给出漏洞的完整攻击路径。
Backdoors exist in WEB projects can cause great security risks for the sites. To prevent sites from attack, this paper presents a detection technology based on static analysis. By analyzing the source code, it can detect most backdoor flaws of WEB projects which are developed by java. Combined with data flow analysis and taint analysis, complete attack path can be given.
王一岚、徐国爱、张淼
计算技术、计算机技术
信息安全静态分析后门检测
information securitystatic analysisbackdoor detection
王一岚,徐国爱,张淼.基于静态分析的java源代码后门检测技术研究[EB/OL].(2011-12-01)[2025-08-21].http://www.paper.edu.cn/releasepaper/content/201112-10.点此复制
评论