| 堆栈溢出攻击的分析及防范 |
| |
| 引用本文: | 潘琦,王澄,杨宇航. 堆栈溢出攻击的分析及防范[J]. 上海交通大学学报, 2002, 36(9): 1346-1350 |
| |
| 作者姓名: | 潘琦 王澄 杨宇航 |
| |
| 作者单位: | 上海交通大学,电子工程系,上海,200030 |
| |
| 摘 要: | 堆栈溢出(Stack overflow)攻击是当前攻击计算机的一种常用手段,首先对各种类型的堆栈溢出漏洞和攻击手段进行分析,然后针对这些漏洞讨论已有的各种预防攻击的办法,最后提出了一种利用动态修改堆栈空间和静态植入二进制代码的方法来实现对于堆栈的保护,分析结果表明,由于所监控的函数本身对效率的要求不高,同时被系统调用的次数不多,所插入的代码一方面很好地防御了通常的堆栈溢出攻击,另一方面对于整个程序的效率也几乎没有任何影响,而且对于新发现的具有安全漏洞的函数,只要将其加入监控函数列表,就可以使整个程序的架构保持不变,为以后的扩展带来方便。
|
| 关 键 词: | 堆栈溢出攻击 动态连结库 相对虚拟地址 网络安全 防范措施 攻击原理 堆栈空间 |
| 文章编号: | 1006-2467(2002)09-1346-05 |
| 修稿时间: | 2001-09-21 |
Analysis and Prevention of the Stack Overflow Attacking |
| |
| PAN Qi,WANG Cheng,YANG Yu hang. Analysis and Prevention of the Stack Overflow Attacking[J]. Journal of Shanghai Jiaotong University, 2002, 36(9): 1346-1350 |
| |
| Authors: | PAN Qi WANG Cheng YANG Yu hang |
| |
| Abstract: | The nature of how the stack overflow attack happens was analyzed. After taking a look about the different prevention ways against the stack overflow, a new implementation was proposed. By modifying the stack space in the fly and implanting binary code static, the stack overflow can be detected with little penalty. The result shows that since those monitored APIs have low expectation of efficiency, and there are few called times, the implementation can prevent computers from the buffer overflow attacks effectively. For those new APIs to be monitored, the only thing needs to do is adding them to the monitor list which bring about the easily maintenance of the whole program. |
| |
| Keywords: | stack overflow dynamic link library(DLL) relative virtual address(RVA) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
