| 基于过程间分析的缓冲区溢出易发点检测 |
| |
| 引用本文: | 邹 雪,王兴起,方景龙,王大全.基于过程间分析的缓冲区溢出易发点检测[J].计算机工程与应用,2016,52(15):110-113. |
| |
| 作者姓名: | 邹 雪 王兴起 方景龙 王大全 |
| |
| 作者单位: | 杭州电子科技大学 计算机学院,杭州 310018 |
| |
| 摘 要: | 针对循环拷贝内存引发的缓冲区溢出漏洞,提出了一种上下文相关的过程间分析检测模型,通过对二进制代码进行一系列的静态分析,使用过程间分析提供的数据交互关系,对缓冲区溢出易发点进行挖掘。这种检测模型基于BinNavi的开放平台,以插件形式实现,能够对溢出易发点进行精确的筛选,有效地减少误报漏报情况。
|
| 关 键 词: | 缓冲区溢出 循环 易发点 过程间分析 函数摘要 |
Buffer overflow prone points detection based on inter-process analysis |
| |
| ZOU Xue,WANG Xingqi,FANG Jinglong,WANG Daquan.Buffer overflow prone points detection based on inter-process analysis[J].Computer Engineering and Applications,2016,52(15):110-113. |
| |
| Authors: | ZOU Xue WANG Xingqi FANG Jinglong WANG Daquan |
| |
| Affiliation: | College of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China |
| |
| Abstract: | For buffer overflow vulnerability caused by circulating copies of memory, this paper proposes a context-sensitive inter-process analysis and detection model. Through a series of static analysis of binary code, inter-process analysis using data provided by the inter-process analysis, it mines the buffer overflow prone points. This detection model is based on BinNavi open platform, implemented as a plug, is able to screen accurately spill-prone points and effectively reduces false and negative cases. |
| |
| Keywords: | buffer overflow loop prone points process analysis function summary |
|
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
