共查询到17条相似文献,搜索用时 109 毫秒
1.
一种防止缓冲区溢出攻击的新方法 总被引:2,自引:2,他引:0
唐洪英 《微电子学与计算机》2006,23(4):68-70
介绍了缓冲区溢出攻击的原理,分析了缓冲区的三种结构,简要总结了已有的检测方法。提出了一种新的简单、易实施的防御缓冲区溢出攻击的方法。 相似文献
2.
3.
为了编写更安全的C程序和提高已有C程序的安全性,对C库函数中易受缓冲区溢出攻击的脆弱函数进行了分析,分析它们可能产生缓冲区溢出时的特征及如何避免缓冲区溢出.实现了一种缓冲区溢出检测工具,能较准确地检测到C目的程序中的缓冲区溢出漏洞,分析结果具有实用价值. 相似文献
4.
Linux下缓冲区溢出的分析与利用 总被引:1,自引:0,他引:1
缓冲区溢出漏洞攻击是目前互联网上黑客使用最多的攻击手段之一。论文针对Linux平台,从Linux系统内存管理机制人手,解释了Linux系统下函数调用的方法,分析了缓冲区溢出产生的原因并阐明了缓冲区溢出产生的整个过程,通过具体实例,说明了缓冲区溢出的利用方法。 相似文献
5.
本文分析了缓冲区溢出攻击的原理,概括linux系统针对溢出攻击的常用防御手段.进一步,分析了目前各种基于裁减linux系统的安全网关的特点,提出了其抗缓冲区溢出攻击以增强系统安全性的方法.最后说明了防溢出攻击技术的近期发展. 相似文献
6.
缓冲区溢出攻击的防范策略 总被引:3,自引:2,他引:1
曾凤 《微电子学与计算机》2005,22(9):51-53
首先解释了缓冲区溢出的概念,从程序语言本身存在缺陷,不够健壮的角度出发.对缓冲区溢出的原理进行了详细的阐述;再次,结合缓冲区溢出攻击的类型,从系统管理和软件开发两个角度提出了缓冲区溢出攻击的防范策略。 相似文献
7.
首先解释缓冲区溢出的概念,从程序语言本身存在缺陷,不够健壮的角度出发,对缓冲区溢出的原理进行了详细的阐述,并总结出缓冲区溢出攻击的类型;最后,结合缓冲区溢出攻击的类型,从系统管理和软件开发两个角度提出缓冲区溢出攻击的防范措施. 相似文献
8.
基于Windows缓冲区溢出漏洞的植入型木马研究 总被引:3,自引:0,他引:3
文中首先讨论了缓冲区溢出及其攻击的原理并说明了三种攻击方法,而后讨论了基于缓冲区溢出漏洞的植入型木马设计的关键技术与实现思想,最后采用攻击树方法对其进行了简单的形式化分析,说明了植入式术马的可行性。 相似文献
9.
10.
缓冲区溢出漏洞是一类常见的软件漏洞,其对计算机系统造成的危害非常大。本文针对这类漏洞提出一种基于二进制文件动态插桩并根据程序运行状态来判定缓冲区溢出的检测方法,并实现了基于该方法的检测系统。通过分析缓冲区溢出的原理以及常见攻击方法的特点,提出了基于覆盖返回地址、虚函数表、异常处理链表以及溢出后执行特定API的缓冲区溢出检测方法。实验表明该系统能有效检测到缓冲区溢出并定位溢出点从而辅助对漏洞原理进行分析。 相似文献
11.
Integer overflow vulnerability will cause buffer overflow. The research on the relationship between them will help us to detect integer overflow vulnerability. We present a dynamic analysis methods RICB (Run-time Integer Checking via Buffer overflow). Our approach includes decompile execute file to assembly language; debug the execute file step into and step out; locate the overflow points and checking buffer overflow caused by integer overflow. We have implemented our approach in three buffer overflow types: format string overflow, stack overflow and heap overflow. Experiments results show that our approach is effective and efficient. We have detected more than 5 known integer overflow vulnerabilities via buffer overflow. 相似文献
12.
Interrupted service, which may occur in fading radio channels, in low-priority channels which can be preempted or in systems with failures may make severe demands on buffer size if overflow is to be avoided. This paper analyzes a buffer with a Markov-interrupted timeslotted server, generalizing earlier work on independent random interruptions. An equivalent service distribution is defined for use in an approximateM/G/1 model, which in turn gives buffer probabilities and overflow probabilities. For very small overflow probabilities, the necessary buffer size is found from a further analytic approximation to the tail of the buffer size distribution. The accuracy of the two approximations together is good, shown by an example of a fading radio channel. 相似文献
13.
ZHAO Dong-fan LIU LeiCollege of Computer Science Technology Jilin University Changchun P.R. China 《中国邮电高校学报(英文版)》2005,12(3)
1 Buffer Overflow Detection Technology Buffer overflow detection approaches can be dividedinto two categories :static approaches and dynamic ap-proaches[1 ,7 ~9]. Both dynamic approaches , such asStackGuard[2],StackShield[3],and Ref .[6] ,andstaticapproaches,such as ITS4[4], Rats[5],and Refs .[14 ~15] ,have their own disadvantages andli mitations .Dy-namic approaches increase the system operation spend-ing,and could become a service rejected attack easily.This paper presents anapproachto… 相似文献
14.
Lin W.W.K. Wong A.K.Y. Dillon T.S. 《IEEE transactions on systems, man and cybernetics. Part C, Applications and reviews》2006,36(3):397-410
Two novel expert dynamic buffer tuners/controllers, namely, the neural network controller (NNC) and the fuzzy logic controller (FLC) are proposed in this paper. They use soft computing techniques to eliminate buffer overflow at the user/server level. As a result they help shorten the end-to-end service roundtrip time (RTT) of the logical Internet transmission control protocol (TCP) channels. The tuners achieve their goal by maintaining the given safety margin /spl Delta/ around the reference point of the {0,/spl Delta/}/sup 2/ objective function. Overflow prevention at the Internet system level, which includes the logical channels and their underlying activities, cannot shorten the service RTT alone. In reality, unpredictable incoming request rates and/or traffic patterns could still cause user-level overflow. The client/server interaction over a logical channel is usually an asymmetric rendezvous, with one server serving many clients. A sudden influx of simultaneous requests from these clients easily inundates the server's buffer, causing overflow. If this occurs only after the system has employed expensive throttling and overflow management resources, the delayed overflow rectification could lead to serious consequences. Therefore, it makes sense to deploy an independent user-level overflow control mechanism to complement the preventative effort by the system. Together they form a unified solution to effectively stifle channel buffer overflow. 相似文献
15.
缓冲区溢出攻击严重地危害着我们的网络安全,已经给人们带来了巨大的损失。在对现有防御技术和工具进行合理分类的基础上,文章总结其中存在的优缺点,探讨更有效防御工具的开发方向。同时针对日益增长的网络安全需求,从整个系统的角度提出了防御缓冲区溢出攻击的一种有效策略。 相似文献
16.
《IEEE transactions on information theory / Professional Technical Group on Information Theory》1972,18(6):765-774
Variable-length-to-block codes are a generalization of run-length codes. A coding theorem is first proved. When the codes are used to transmit information from fixed-rate sources through fixed-rate noiseless channels, buffer overflow results. The latter phenomenon is an important consideration in the retrieval of compressed data from storage. The probability of buffer overflow decreases exponentially with buffer length and we determine the relation between rate and exponent size for memoryless sources. We obtain codes that maximize the overflow exponent for any given transmission rate exceeding the source entropy and present asymptotically optimal coding algorithms whose complexity grows linearly with codeword length. It turns out that the optimum error exponents of variable-length-to-block coding are identical with those of block-to-variable-length coding and are related in an interesting way to Renyi's generalized entropy function. 相似文献
17.
When the virtual function was executed,it could cause array overflow vulnerability due to error operation of the virtual function table of C++ object.By attacking the virtual function,it could cause the system crash,or even the attacker to control the execution of program directly was allowed,which threatened user’s security seriously.In order to find and fix this potential security vulnerability as soon as possible,the technology for detecting such security vulnerability was studied.Based on the analysis of the virtual function call during the MS Word parsing RTF files,the array overflow vulnerability generated by MS Word parsing abnormal RTF files,and a new RTF array overflow vulnerability detection method based on the file structure analytical Fuzzing was proposed.Besides,an RTF array overflow vulnerability detection tool (RAVD,RTF array vulnerability detector) was designed.The test results show RAVD can detect RTF array overflow vulnerabilities correctly.Moreover,the Fuzzing results show RAVD has higher efficiency in comparison with traditional file Fuzzing tools. 相似文献