基于控制流数据保护的缓冲区溢出防御方法OACSCDCSTPCD
Dynamic stack buffer overflow prevention based on protection of control-flow data
根据栈缓冲区溢出的基本原理,介绍了三种缓冲区溢出攻击的基本模式,分析了现有的动态防御方法所存在的优缺点.以此为基础,提出了一种基于控制流相关数据保护的栈缓冲区溢出动态防御方法,引入了加密机制,有效地防御攻击者对保护数据的篡改.设计并实现了针对目标文件为对象的二进制文件重构工具,通过理论分析和实验表明该方法能够极大概率防御各种缓冲区溢出攻击.
The basic attack patterns of stack buffer overflow are introduced based on the principles of stack buffer overflow. A new dynamic stack buffer overflow prevention method based on protection of control-flow related data is proposed due to the weakness of the existing dynamic buffer overflow prevention methods. At the same time, two encryption algorithms are introduced to protect the control-flow related data. The new method is proved to be able to defen…查看全部>>
张蓝图;王瑛
中船重工第709研究所,武汉430074中船重工第709研究所,武汉430074
信息技术与安全科学
软件漏洞栈缓冲区溢出动态防御控制流数据
software vulnerabilitystack buffer overflowdynamic preventioncontrol-flow data
《计算机工程与应用》 2012 (15)
63-69,87,8
评论