基于源代码的缓冲区溢出预防技术

基于缓冲区溢出的攻击是一种常见的安全攻击手段,也是目前惟一最重要最常见的安全威胁。在所有的软件安全漏洞中,缓冲区溢出漏洞大约占一半。该文从编程的角度分析了缓冲区溢出攻击,并提出在源代码阶段尽量避免缓冲区溢出的方法。     

缓冲区溢出的建模分析

论文介绍了一种检测缓冲区溢出漏洞的建模方法。该方法的关键是对C语言的源代码做静态分析,把缓冲区溢出这个事件作为一个整数区域问题来看待,从而建立缓冲区溢出的数学模型。该模型的一个优点是在代码编译以前可以通过静态分析的方法来发现潜在的缓冲区溢出漏洞。     

静态检测缓冲区溢出漏洞

缓冲区溢出漏洞是目前惟一最重要最常见的安全威胁。文中分析了防止缓冲区溢出攻击的运行时方法的不足：介绍了一种静态检测缓冲区溢出漏洞的方法及工具。给源代码添加注解，用注解辅助静态分析，用这种方法能够在软件交付使用前，检测出程序中潜在的安全漏洞。     

一种基于代码静态分析的缓冲区溢出检测算法

缓冲区溢出目前已成为最常见的软件安全漏洞之一,从源代码形式来看,常见的缓冲区溢出漏洞主要有两种类型:数据拷贝和格式化字符串造成的缓冲区溢出.分析了常见缓冲区溢出漏洞发生的原因,给出了格式化字符串存储长度的计算方法,介绍了一种基于源代码静态分析的缓冲区溢出检测算法,该算法首先对源代码进行建模,构造其抽象语法树、符号表、控制流图、函数调用图,在此基础上运用区间运算技术来分析和计算程序变量及表达式的取值范围,并在函数间分析中引入函数摘要来代替实际的函数调用.最后使用该方法对开源软件项目进行检测,结果表明该方法能够有效地、精确地检测缓冲区溢出.     

针对非控制数据的缓冲区溢出保护程序

已有的检测缓冲区溢出漏洞的方法有静态的也有动态的.静态分析在软件运行前,析其源代码,找出可能存在的漏洞;动态方法在运行时对可能存在漏洞的软件行为进行监视,发现异常后,进行判断,然后做出适当处理.在分析了传统缓冲区溢出方法的基础上,依据缓冲区溢出攻击的发展趋势,针对非控制数据的缓冲区溢出攻击,提出了一种主要针对非控制数据缓冲区溢出攻击的测试方法,使用变量标识来测试是否发生了缓冲区溢出攻击.这种方法综合了静态和动态分析的优点,能够有效地防御缓冲区溢出攻击.     

一种抗地址淹没的缓冲区栈溢出算法

缓冲区溢出是常见的网络漏洞攻击,其中最重要的是栈溢出攻击。通过分析缓冲区溢出攻击的方法和特点,提出一种基于StackShield改进的RetProtect算法,首先利用IDA Pro对源程序反汇编分析,然后建立新的库函数,并通过修改gcc源代码来实现程序执行时对函数返回地址的备份的方法来检测缓冲区溢出攻击的发生。与其它栈溢出攻击检测方法相比,RetProtect算法可有效地阻止对返回地址进行淹没的栈溢出攻击,对用户透明,系统兼容性好。     

基于状态转换模型的二进制代码缓冲区溢出漏洞检测

根据缓冲区溢出的基本原理,提出一种基于状态转换模型的二进制代码缓冲区溢出漏洞检测方法。该方法以可执行程序为分析目标,从而使漏洞检测过程摆脱对程序源代码的依赖。详细描述该漏洞检测方法的技术细节,并给出该方法与流行的缓冲区溢出漏洞检测方法的对比。     

静态检测缓冲区溢出漏洞

缓冲区溢出漏洞是目前惟一最重要最常见的安全威胁.文中分析了防止缓冲区溢出攻击的运行时方法的不足.介绍了一种静态检测缓冲区溢出漏洞的方法及工具.给源代码添加注解,用注解辅助静态分析,用这种方法能够在软件交付使用前,检测出程序中潜在的安全漏洞.     

一种C语言缓冲区溢出漏洞检测的静态分析方法

为更准确的检测程序中可能出现的缓冲区溢出漏洞,本文提出了一种c语言缓冲区溢出漏洞检测的静态分析方法,它在源代码的SSA(StaticSingleAssignment)形式上进行外部数据分析,并给出了该方法的实现过程。通过实践的结果表明该方法能有效的避免误判,与其他同类方法相比具有较高的准确性。     

栈溢出的动态检测技术

缓冲区溢出是计算机界的一个古老话题，计算机界和学术界为检测和预防缓冲区溢出投入了很多的精力。但根据CERT（www．cert．org）的数据显示，最近几年中，缓冲区溢出大约占程序错误的50％。另外，根据CERT Ad—visory数据显示，目前仍然有50％左右的安全威胁系来自缓冲区溢出。因此可以说，缓冲区溢出的问题并没有得到根本的解决，而栈溢出是一种最基本的缓冲区溢出。和堆溢出相比，栈溢出更难于监控和危害性更大，因此研究栈溢出具有实际意义。本文对各种栈溢出的检测技术进行了分类和总结，希望能够对栈设计溢出的检测工具提供一些思路。同时，本文介绍了实现栈溢出的动态检测技术中涉及到的各种插装技术，并对各种各样的插装技术进行了总结。     

Nearly bent functions

In this paper, we define a large class of almost balanced Boolean functions called nearly bent functions. These functions lie at large Hamming distance to all affine functions and preserve a high level of algebraic degree. Then a construction of nearly bent functions is described. It is shown that the constructed functions have good global avalanche characteristic properties. In the concluding remarks, we show that nearly bent functions have good stability.     

The Set of Hausdorff Continuous Functions— The Largest Linear Space of Interval Functions

Hausdorff continuous (H-continuous) functions are special interval-valued functions which are commonly used in practice, e.g. histograms are such functions. However, in order to avoid arithmetic operations with intervals, such functions are traditionally treated by means of corresponding semi-continuous functions, which are real-valued functions. One difficulty in using H-continuous functions is that, if we add two H-continuous functions that have interval values at same argument using point-wise interval arithmetic, then we may obtain as a result an interval function which is not H-continuous. In this work we define addition so that the set of H-continuous functions is closed under this operation. Moreover, the set of H-continuous functions is turned into a linear space. It has been also proved that this space is the largest linear space of interval functions. These results make H-continuous functions an attractive tool in real analysis and provides a bridge between real and interval analysis.     

支持向量机的5阶光滑函数及其性能分析

光滑函数在支持向量机中起着重要作用,熊金志等人用插值函数的方法导出了一个递推公式,得到了一类新的光滑函数,解决了一个关于是否存在以及如何寻求性能更好的光滑函数的问题。然而其中五阶光滑的多项式函数还未进行性能分析。首先推导出了该光滑函数的表达式,然后分析了它的若干性能。结果表明,该光滑函数具有良好的逼近性能,其逼近精度高于以往的光滑函数。     

An Efficient Hardware Implementation of Feed-Forward Neural Networks

This paper proposes a new way of digital hardware implementation of nonlinear activation functions in feed-forward neural networks. The basic idea of this new realization is that the nonlinear functions can be implemented using a matrix-vector multiplication. Recently a new approach was proposed for the efficient realization of matrix-vector multipliers, and this approach can be applied for implementing nonlinear functions if these functions are approximated by simple basis functions. The paper proposes to use B-spline basis functions to approximate nonlinear sigmoidal functions, it shows that this approximation fulfils the general requirements on the activation functions, presents the details of the proposed hardware implementation, and gives a summary of an extensive study about the effects of B-spline nonlinear function realization on the size and the trainability of feed-forward neural networks.     

Wavelet approximation-based affine invariant shape representation functions

In this paper, new wavelet-based affine invariant functions for shape representation are presented. Unlike the previous representation functions, only the approximation coefficients are used to obtain the proposed functions. One of the derived functions is computed by applying a single wavelet transform; the other function is calculated by applying two different wavelet transforms with two different wavelet families. One drawback of the previously derived detail-based invariant representation functions is that they are sensitive to noise at the finer scale levels, which limits the number of scale levels that can be used. The experimental results in this paper demonstrate that the proposed functions are more stable and less sensitive to noise than the detail-based functions.     

Robust loss functions for boosting

Boosting is known as a gradient descent algorithm over loss functions. It is often pointed out that the typical boosting algorithm, Adaboost, is highly affected by outliers. In this letter, loss functions for robust boosting are studied. Based on the concept of robust statistics, we propose a transformation of loss functions that makes boosting algorithms robust against extreme outliers. Next, the truncation of loss functions is applied to contamination models that describe the occurrence of mislabels near decision boundaries. Numerical experiments illustrate that the proposed loss functions derived from the contamination models are useful for handling highly noisy data in comparison with other loss functions.     

A generalized orthonormal basis for linear dynamical systems

In many areas of signal, system, and control theory, orthogonal functions play an important role in issues of analysis and design. In this paper, it is shown that there exist orthogonal functions that, in a natural way, are generated by stable linear dynamical systems and that compose an orthonormal basis for the signal space l₂ⁿ . To this end, use is made of balanced realizations of inner transfer functions. The orthogonal functions can be considered as generalizations of, for example, the pulse functions, Laguerre functions, and Kautz functions, and give rise to an alternative series expansion of rational transfer functions. It is shown how we can exploit these generalized basis functions to increase the speed of convergence in a series expansion, i.e., to obtain a good approximation by retaining only a finite number of expansion coefficients. Consequences for identification of expansion coefficients are analyzed, and a bound is formulated on the error that is made when approximating a system by a finite number of expansion coefficients     

C语言中函数编写方法的分析与探讨

函数是C语言学习的难点和重点,通过分析函数的结构,将函数编写中难以确定的问题进行分解、细化。按照返回值的个数将函数分为:无返回值函数、单反回值函数、多返回值函数三种类型。对这三种类型函数的设计方法分别举例分析和说明,详细阐述了函数编写的具体过程。     

A Normal Form for Function Rings of Piecewise Functions

Computer algebra systems often have to deal with piecewise continuous functions. These are, for example, the absolute value function, signum, piecewise defined functions but also functions that are the supremum or infimum of two functions. We present a new algebraic approach to these types of problems. This paper presents a normal form for a function ring containing piecewise polynomial functions of a real variable. We give a complete rule system to compute the normal form of an expression. The main result is that this normal form can be used to decide extensional equality of two piecewise functions. Also we define supremum and infimum for piecewise functions; in fact, we show that the function ring forms a lattice. Additionally, a method to solve equalities and inequalities in this function ring is presented. Finally, we give a “user interface” to the algebraic representation of the piecewise functions.     

Affine invariants for object recognition using the wavelet transform

Dyadic wavelet transform has been used to derive affine invariant functions. The invariant functions are based on the dyadic wavelet transform of the object boundary. Three invariant functions have been calculated using different numbers of dyadic levels. Experimental results show that these invariant functions outperform some traditional invariant functions. The stability of these invariant functions have been tested for a large perspective transformation.