| 基于简化控制流监控的程序入侵检测 |
| |
| 引用本文: | 夏耐,郭明松,茅兵,谢立. 基于简化控制流监控的程序入侵检测[J]. 电子学报, 2007, 35(2): 358-361 |
| |
| 作者姓名: | 夏耐 郭明松 茅兵 谢立 |
| |
| 作者单位: | 南京大学计算机软件新技术国家重点实验室,南京大学计算机科学与技术系,江苏南京,210093;南京大学计算机软件新技术国家重点实验室,南京大学计算机科学与技术系,江苏南京,210093;南京大学计算机软件新技术国家重点实验室,南京大学计算机科学与技术系,江苏南京,210093;南京大学计算机软件新技术国家重点实验室,南京大学计算机科学与技术系,江苏南京,210093 |
| |
| 摘 要: | 针对程序漏洞的攻击是目前一个非常严重的安全问题.该文提出了一个程序运行时候控制流监控的简化方法.与基于系统调用的入侵检测方法相比,该方法有更细的监控粒度;而与完全函数调用关系监控的方法相比,该方法同样有效但实施更为简单.测试结果表面该方法能够有效地针对已有的多种攻击类型进行防范.
|
| 关 键 词: | 信息安全 程序漏洞 入侵检测 控制流 函数调用关系图 简化函数调用轨迹 |
| 文章编号: | 0372-2112(2007)02-0358-04 |
| 收稿时间: | 2006-01-04 |
| 修稿时间: | 2006-01-042006-07-11 |
Program Intrusion Detection Based on Simplified Control Flow Monitoring |
| |
| XIA Nai,GUO Ming-song,MAO Bing,XIE Li. Program Intrusion Detection Based on Simplified Control Flow Monitoring[J]. Acta Electronica Sinica, 2007, 35(2): 358-361 |
| |
| Authors: | XIA Nai GUO Ming-song MAO Bing XIE Li |
| |
| Affiliation: | State Key Laboratory for Novel Software Technology,Department of Computer Science and Technology,Nanjing University,Nanjing,Jiangsu 210093,China |
| |
| Abstract: | Attacks to program vulnerabilities is a severe problem nowadays.This paper puts forward a new simplified approach based on programs' runtime control flow monitoring.Compared to the methods based on system call sequence analysis,this approach has better granularity;Compared to the methods using whole call graph verification,it has the same effectiveness but more applicable.The results show that this approach can detect many kinds of known attacks to program vulnerabilities. |
| |
| Keywords: | information security program vulnerabilities intrusion detection control flow call graph simplified function call trace |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载免费的PDF全文 |
|
