| Shellcode静态检测技术研究 |
| |
| 引用本文: | 戈戟,史洪,徐良华. Shellcode静态检测技术研究[J]. 计算机应用与软件, 2010, 27(2): 47-49,66 |
| |
| 作者姓名: | 戈戟 史洪 徐良华 |
| |
| 作者单位: | 江南计算技术研究所,江苏,无锡,214083 |
| |
| 基金项目: | 国家高技术研究发展计划基金项目(2006AA01Z431) |
| |
| 摘 要: | 缓冲区溢出攻击是网络安全的重大威胁,事先检测是否存在Shellcode是对抗缓冲区溢出攻击的有效手段。从Shellcode构成和特征出发,分类研究各种Sheltcode静态检测技术,分析比较它们的优缺点,在此基础上提出了一种检测方案并实现了一个原型系统。
|
| 关 键 词: | 缓冲区溢出攻击 Shellcode 入侵检测 反汇编 虚拟执行 |
RESEARCH ON SHELLCODE STATIC DETECTION TECHNIQUES |
| |
| Ge Ji,Shi Hong,Xu Lianghua. RESEARCH ON SHELLCODE STATIC DETECTION TECHNIQUES[J]. Computer Applications and Software, 2010, 27(2): 47-49,66 |
| |
| Authors: | Ge Ji Shi Hong Xu Lianghua |
| |
| Affiliation: | Jiangnan Institute of Computing Technology/a>;Wuxi 214083/a>;Jiangsu/a>;China |
| |
| Abstract: | Buffer overflow attack is one of the most serious threats for Internet security,and Shellcode detection is an effective method to combat this kind of attack.Starting from the structure and characteristics of Shellcode,different kinds of static detection techniques on Shellcode are studied,their advantages and shortcomings are analysed and compared,and finally a detection scheme based on these studies is proposed and its prototype is implemented. |
| |
| Keywords: | Buffer overflow attack Shelldoce Intrusion detection Disassembly Virtual execution |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
