| 防止缓冲区溢出攻击的增强编译技术分析 |
| |
| 引用本文: | 潘亦,吴春梅,武港山.防止缓冲区溢出攻击的增强编译技术分析[J].计算机科学,2005,32(3):156-158. |
| |
| 作者姓名: | 潘亦 吴春梅 武港山 |
| |
| 作者单位: | 南京大学计算机软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093;南京大学计算机软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093;南京大学计算机软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093 |
| |
| 摘 要: | 通过增强传统的编译处理技术来防止缓冲区溢出攻击是一种常用有效的方法。本文比较了几个典型的应用这一技术来防卫缓冲区溢出攻击的常用工具的原理与性能,比较的结果可以指导软件开发者根据自己的安全需求来选择合适的工具来防止缓冲区溢出攻击,以达到提高软件安全性能的目的,也有助于正在研究缓冲区溢出攻击防范技术的工作者提出更加有效而安全的防止缓冲区溢出攻击工具。
|
| 关 键 词: | 缓冲区溢出攻击 C程序边界检查 StackGuard PointGuard RAD |
Analysis of Compiler Technology Enhancement for Buffer Overflow Prevention |
| |
| PAN Yi,WU Chun-mei,WU Gang-Shah.Analysis of Compiler Technology Enhancement for Buffer Overflow Prevention[J].Computer Science,2005,32(3):156-158. |
| |
| Authors: | PAN Yi WU Chun-mei WU Gang-Shah |
| |
| Affiliation: | PAN Yi,WU Chun-Mei,WU Gang-Shan State Key Laboratory for Novel Software Technology,Nanjing University,Nanjing 210093 Department of Computer Science & Technology,Nanjing University,Nanjing 210093 |
| |
| Abstract: | Enhancing compiler technology is one of the publicly available methods for buffer overflow prevention. This paper compares four typical and publicly available tools for buffer overflow prevention by enhancing compiler technology. Our motivation for this is to guide software developers to choose an appropriate tool to increase software quality from a security point of view, and also guide the researchers to bring forward their own more effective and safer method on buffer overflow prevention. |
| |
| Keywords: | Prevent buffer overflow Bounds checking for C StackGuard Pointguard RAD |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
