| 基于k循环随机序列的动态缓冲区溢出防御 |
| |
| 引用本文: | 江建慧,章力源,金涛,陈川. 基于k循环随机序列的动态缓冲区溢出防御[J]. 同济大学学报(自然科学版), 2010, 38(6): 917-924. DOI: 10.3969/j.issn.0253-374x.2010.06.024 |
| |
| 作者姓名: | 江建慧 章力源 金涛 陈川 |
| |
| 作者单位: | 1. 同济大学,计算机科学与技术系,上海,201804
2. 上海轨道交通信息管理中心,上海,201103 |
| |
| 基金项目: | 国家"八六三"高技术研究发展计划资助项目,上海申通地铁集团有限公司项目 |
| |
| 摘 要: | 面向Intel 80×86体系结构和C/C++语言,介绍了栈缓冲区溢出攻击的基本原理及攻击模式,分析了现有的动态防御典型方案的优点与不足.结合基于随机地址空间与签名完整性的防御思想,提出了一种基于k循环随机序列的动态缓冲区溢出防御方案,该方案能够在极大概率下防御多种模式的缓冲区溢出攻击,解决了"连续猜测攻击"的问题,并使软件具有一定的容侵能力.
|
| 关 键 词: | 缓冲区溢出 栈溢出 软件漏洞 动态检测 容侵 |
| 收稿时间: | 2009-08-07 |
| 修稿时间: | 2010-04-01 |
Dynamic Buffer Overflow Prevention Based on k Circular Random Sequence |
| |
| JIANG Jianhui,ZHANG Liyuan,JIN Tao and CHEN Chuan. Dynamic Buffer Overflow Prevention Based on k Circular Random Sequence[J]. Journal of Tongji University(Natural Science), 2010, 38(6): 917-924. DOI: 10.3969/j.issn.0253-374x.2010.06.024 |
| |
| Authors: | JIANG Jianhui ZHANG Liyuan JIN Tao CHEN Chuan |
| |
| Affiliation: | Department of Computer Science and Technology,Tongji University,Shanghai 201804,China;Department of Computer Science and Technology,Tongji University,Shanghai 201804,China;Shanghai Rail-Transit Information Management & Administration Centre,Shanghai 201103,China;Shanghai Rail-Transit Information Management & Administration Centre,Shanghai 201103,China |
| |
| Abstract: | The paper presents an analysis of the principle of stack buffer overflow attacks and basic attack patterns for Intel 80×86 architecture and C/C++.Then,the merits and drawbacks of the existing dynamic buffer overflow prevention methods are discussed.On the basis of the address obfuscation and integrity checking,this paper presents a new dynamic buffer overflow prevention method based on k circular random sequence.This improved prevention method can defend attacks of multiple patterns with high probability and enhance the intrusion-tolerance capability of the vulnerable software. |
| |
| Keywords: | buffer overflow stack overflow software vulnerability dynamic prevention intrusion tolerance |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《同济大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《同济大学学报(自然科学版)》下载全文 |
|
