期刊界 All Journals 搜尽天下杂志传播学术成果专业期刊搜索期刊信息化学术搜索

The number of identified integer overflow vulnerabilities has been increasing rapidly in recent years. In this paper, a smart software vulnerability detection technology is presented, which is used for the identifica- tion of integer overflow vulnerabilities in binary executa- bles. The proposed algorithm is combined with Target fil- tering and dynamic taint tracing （TFDTT）. Dynamic taint tracing is used to reduce the mutation space and target fil- tering function is used to filter test cases during the process of test case generation. Theory analysis indicates that the efficiency of TFDTT is higher than NonTF-DTT and ran- dom Fuzzing technology. And the experiment results in- dicate that the detection technology based upon TFDTT can identify the possible integer vulnerabilities in binary program, meanwhile, it is more efficiency than other two technologies. 相似文献

12.

Win32平台下内核溢出的原理与攻击方法

徐昊王轶骏薛质《信息安全与通信保密》2008,(6):89-91

针对系统内核的溢出是当今研究溢出漏洞攻击的发展趋势,而内核溢出主要是由处在系统内核态的驱动程序中的漏洞所产生,文章通过分析Win32平台下的一个内核驱动程序漏洞实例,详细阐述了内核溢出漏洞的产生原理,并引出了相应的攻击方法。相似文献

13.

在程序编码中防止缓冲区溢出 总被引：1，自引：0，他引：1

蒋卫华王文奇杜君《微电子学与计算机》2002,19(10):54-55

缓冲区溢出攻击是各种网络攻击方法中较普遍且危害较严重的一种，文章分析了缓冲区攻击的原理，并从编程角度分析了造成缓冲区溢出的潜在漏洞，最后提出了在程序编写过程中防御缓冲区溢出的方法。相似文献

14.

缓冲区溢出攻击的分析及防范措施

李学忠《电子工艺技术》2005,26(5):298-300

首先解释缓冲区溢出的概念,从程序语言本身存在缺陷,不够健壮的角度出发,对缓冲区溢出的原理进行了详细的阐述,并总结出缓冲区溢出攻击的类型;最后,结合缓冲区溢出攻击的类型,从系统管理和软件开发两个角度提出缓冲区溢出攻击的防范措施. 相似文献

15.

An Buffer Overflow Automatic Detection Method Based on Operation Semantic

ZHAO Dong-fan LIU LeiCollege of Computer Science Technology Jilin University Changchun P.R. China 《中国邮电高校学报(英文版)》2005,12(3)

1 Buffer Overflow Detection Technology Buffer overflow detection approaches can be dividedinto two categories :static approaches and dynamic ap-proaches[1 ,7 ~9]. Both dynamic approaches , such asStackGuard[2],StackShield[3],and Ref .[6] ,andstaticapproaches,such as ITS4[4], Rats[5],and Refs .[14 ~15] ,have their own disadvantages andli mitations .Dy-namic approaches increase the system operation spend-ing,and could become a service rejected attack easily.This paper presents anapproachto… 相似文献

16.

Research on RTF array overflow vulnerability detection

De-guang LE Sheng-rong GONG Shao-gang WU Feng XU Wen-sheng LIU 《通信学报》2017,38(5):96-107

When the virtual function was executed,it could cause array overflow vulnerability due to error operation of the virtual function table of C++ object.By attacking the virtual function,it could cause the system crash,or even the attacker to control the execution of program directly was allowed,which threatened user’s security seriously.In order to find and fix this potential security vulnerability as soon as possible,the technology for detecting such security vulnerability was studied.Based on the analysis of the virtual function call during the MS Word parsing RTF files,the array overflow vulnerability generated by MS Word parsing abnormal RTF files,and a new RTF array overflow vulnerability detection method based on the file structure analytical Fuzzing was proposed.Besides,an RTF array overflow vulnerability detection tool (RAVD,RTF array vulnerability detector) was designed.The test results show RAVD can detect RTF array overflow vulnerabilities correctly.Moreover,the Fuzzing results show RAVD has higher efficiency in comparison with traditional file Fuzzing tools. 相似文献

17.

缓冲区溢出漏洞精确检测方法研究 总被引：2，自引：1，他引：1

下载免费PDF全文

王雷李吉李博洋《电子学报》2008,36(11):2200-2204

缓冲区溢出漏洞是影响系统安全性的严重问题之一,本文提出了一种利用模型检测技术对代码中潜在的缓冲区溢出漏洞进行精确检测的方法.该方法通过静态分析,先将对缓冲区漏洞的检测转化为对程序某个位置可达性的判定.然后,利用模型检测技术对可达性进行验证.基于GCC和Blast,我们使用这一方法构造了一个精确检测缓冲区溢出漏洞的原型系统.最后,使用该原型系统对wu-ftpd,minicom和CoreHTTP等三个实际应用程序进行了检测,结果不仅检测出了已知的漏洞,而且发现了一些新漏洞. 相似文献

18.

嵌入式系统抗缓冲区溢出攻击的硬件防御机制研究

万毓西刘政林霍文捷邹雪城《微电子学与计算机》2011,28(4)

嵌入式系统设计时由于成本和功耗等方面的考虑而较少重视安全性,而一般采用的软件防御方式无法满足嵌入式系统在实时性和可靠性上的要求,缓冲区溢出作为最常见的软件安全漏洞对嵌入式系统安全构成严重威胁.文中构建了一种基于细粒度指令流监控(FIFM)的硬件防御机制,通过虚拟执行单元虚拟执行程序,在攻击发生之前检测攻击行为.实验结果表明FIFM能很好的防御典型的缓冲区溢出攻击,而且FIFM不需要修改程序,不破坏流水线完整性,对系统的性能影响小,本文的防护机制可以应用于其他嵌入式系统设计中以动态防御缓冲区溢出攻击. 相似文献