首页 | 本学科首页   官方微博 | 高级检索  
     

基于shellcode检测的缓冲区溢出攻击防御技术研究
引用本文:何乔,吴廖丹,张天刚.基于shellcode检测的缓冲区溢出攻击防御技术研究[J].计算机应用,2007,27(5):1044-1046.
作者姓名:何乔  吴廖丹  张天刚
作者单位:江南计算技术研究所,江苏,无锡,214083
基金项目:国家高技术研究发展计划(863计划)
摘    要:缓冲区溢出攻击对计算机和网络安全构成极大威胁。从缓冲区溢出攻击原理和shellcode实现方式出发,提出针对shellcode的溢出攻击防御技术。描述shellcode获取控制权前后,从代码特点、跳转方式及shellcode恶意功能实现过程等方面入手,检测并阻止shellcode以对抗溢出攻击的几种技术。最后对这些技术的优缺点进行比较分析,指出其中较为优秀的方法,并就更全面提高系统安全性提出了一些建议。

关 键 词:缓冲区溢出攻击  缓冲区溢出攻击防御  shellcode  基址重定位  Hook  API
文章编号:1001-9081(2007)05-1044-03
收稿时间:2006-11-28
修稿时间:2006-11-282007-02-05

Research of defending buffer overflow exploits based on detecting and preventing shellcode
HE Qiao,WU Liao-dan,ZHANG Tian-gang.Research of defending buffer overflow exploits based on detecting and preventing shellcode[J].journal of Computer Applications,2007,27(5):1044-1046.
Authors:HE Qiao  WU Liao-dan  ZHANG Tian-gang
Affiliation:Jiangnan Institute of Computing Technology, Wuxi Jiangsu 214083, China
Abstract:Buffer overflow exploits threat computer systems and the network security very seriously. The principles of buffer overflow exploit and shellcode were introduced first. Then the paper described the method of defending buffer overflow exploit based on detecting shellcode from several aspects including recognizing shellcode from the data types, rebasing modules to prevent shellcode from jumping to the shellcode, and disturbing the methods shellcode use to achieve malicious purposes. At last, advantages and disadvantages of these methods were analyzed and compared and the best of them was pointed out. Several measures were introduced to improve system security more comprehensively.
Keywords:buffer overflow exploit  buffer overflow exploit defending  shellcode  Hook API
本文献已被 CNKI 维普 万方数据 等数据库收录!
点击此处可从《计算机应用》浏览原始摘要信息
点击此处可从《计算机应用》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号