| 缓冲区溢出攻击原理与防范的研究* |
| |
| 引用本文: | 王业君,倪惜珍,文伟平,蒋建春.缓冲区溢出攻击原理与防范的研究*[J].计算机应用研究,2005,22(10):101-104. |
| |
| 作者姓名: | 王业君 倪惜珍 文伟平 蒋建春 |
| |
| 作者单位: | 中国科学院,软件研究所,信息安全技术工程研究中心,北京,100080 |
| |
| 基金项目: | 国家自然科学基金资助项目(60083007);国家“973”计划资助项目(G1999035810) |
| |
| 摘 要: | 缓冲区溢出攻击是网络攻击事件中最常用的一种攻击方式,成为系统和网络安全中亟待解决的重要问题。在分析缓冲区溢出攻击原理的基础上,说明了攻击的成因,然后描述了目前常见的攻击类型,最后给出了现有的防范措施,进而提出了一种新的通过对编译器及相关系统级函数进行修改来解决该问题的方案。
|
| 关 键 词: | 缓冲区溢出攻击 系统安全 边界检查 |
| 文章编号: | 1001-3695(2005)10-0101-04 |
| 收稿时间: | 2004-09-26 |
| 修稿时间: | 2004-10-28 |
Research on Principle and Defense of Buffer Overflow Attacks |
| |
| WANG Ye-jun,NI Xi-zhen,WEN Wei-ping,JIANG Jian-chun.Research on Principle and Defense of Buffer Overflow Attacks[J].Application Research of Computers,2005,22(10):101-104. |
| |
| Authors: | WANG Ye-jun NI Xi-zhen WEN Wei-ping JIANG Jian-chun |
| |
| Affiliation: | (Engineering Research Center for Information Security Technology,Institute of Software,Chinese Academy of Sciences,Beijing 100080,China) |
| |
| Abstract: | The buffer overflow attacks have been the most common form in the network attacks and become a predominant problem in the system and network security area. After the principle of the buffer overflow attack is explained, this paper analyzes the causes leading to the attacks. Then the usual attack types the attackers often exploit are presented. Last, the common measures to defend these attacks and my own idea about the solution of this problem by modifying the compiler and the relevant functions of the system are given. |
| |
| Keywords: | Buffer Overflow Attack System Security Edge Checking |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
