| 缓冲区溢出攻击的分析与实时检测 |
| |
| 引用本文: | 尚明磊,黄皓.缓冲区溢出攻击的分析与实时检测[J].计算机工程,2005,31(12):36-38,45. |
| |
| 作者姓名: | 尚明磊 黄皓 |
| |
| 作者单位: | 南京大学计算机科学与技术系,南京,210093;南京大学软件新技术国家重点实验室,南京,210093;南京大学计算机科学与技术系,南京,210093 |
| |
| 基金项目: | 国家“863”计划基金资助项目“智能入侵检测与攻击预警系统”(2001AA142010) |
| |
| 摘 要: | 分析了缓冲区溢出的原理和溢出字符串,然后对几种典型的缓冲区溢出实时检测技术进行了阐述,最后提出了一种基于系统调用的缓冲区溢出检测方法。该方法通过劫持系统调用的方式为原有的系统调用函数增加了强制访问控制功能,通过监测非法系统调用的方法来检测和阻止各种获取特权的缓冲区溢出攻击。
|
| 关 键 词: | 缓冲区溢出 实n时检测 系统调用 |
| 文章编号: | 1000-3428(2005)12-0036-03 |
Buffer Overflow Attacks Analysis and Real-time Detection |
| |
| SHANG Minglei,HUANG Hao.Buffer Overflow Attacks Analysis and Real-time Detection[J].Computer Engineering,2005,31(12):36-38,45. |
| |
| Authors: | SHANG Minglei HUANG Hao |
| |
| Affiliation: | SHANG Minglei2,HUANG Hao1,2 |
| |
| Abstract: | The principle of buffer overflow and overflow string are analyzed.Then several typical real-time buffer overflow attacks detectionmethods are analyzed.At last, a real-time buffer overflow attack detection approach based on system calls is presented.This approach adds mandatoryaccess control to original system call function by the means of hijacking system calls.In the way of monitoring illegal system calls,it can detect andprevent various buffer overflow attacks of improving priviledge. |
| |
| Keywords: | Buffer overflow Real-time detection System call |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
