计算机工程2011,Vol.37Issue(10):111-113,116,4.DOI:10.3969/j.issn.1000-3428.2011.10.037
一种缓冲区溢出攻击的实时检测方法
Real-time Detection Method of Buffer Overflow Attacks
史胜利 1任平安2
作者信息
- 1. 陕西师范大学计算机科学学院,西安,710062
- 2. 包头师范学院信息科学与技术学院,内蒙古,包头,014030
- 折叠
摘要
Abstract
According to the features that the attacker usual depends on modifying function return address or function entry address to change the program execution sequence and the structural characteristics of ELF file, while calling function and returning after function calling, certain specific information is dealed with in order to detect attack action.This paper presents a new approach of detecting buffer overflow attacks at runtime depending on the pin that is a tool for the dynamic program monitoring and provides numbers of API functions to design a tool which executives runtime program.Case analysis shows that the method does not need alter the software and hardware system.关键词
程序监控/缓冲区溢出/全局偏移表/实时检测Key words
program monitoring/ buffer overflow/ Global Offset Table(GOT)/ real-time detection分类
信息技术与安全科学引用本文复制引用
史胜利,任平安..一种缓冲区溢出攻击的实时检测方法[J].计算机工程,2011,37(10):111-113,116,4.
