| 一种新的抵御Windows栈溢出攻击的方法 |
| |
| 引用本文: | 张连成,李祥和,李硕. 一种新的抵御Windows栈溢出攻击的方法[J]. 微电子学与计算机, 2006, 23(Z1): 187-189 |
| |
| 作者姓名: | 张连成 李祥和 李硕 |
| |
| 作者单位: | 信息工程大学,信息工程学院通信侦察工程系,河南,郑州,450002 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划);河南省科技攻关项目 |
| |
| 摘 要: | 当前栈溢出攻击依然是最流行的计算机系统攻击手段之一。文章为Windows操作系统提供了一个工作在装配时刻的防御栈溢出攻击的解决方案,它运用栈溢出攻击检测机制来改写给定的可执行文件,不需要源代码支持。文章建立了一个原型来实现所提出的技术,经过验证,它可以成功的防御现实中使用的攻击代码。接着把该原型扩展到DLL、多线程应用程序和多线程应用程序使用的DLL。测试证明,改写过的可执行文件的运行性能下降不超过8%。
|
| 关 键 词: | 计算机安全 缓冲区溢出 栈溢出攻击 二进制改写 |
| 文章编号: | 1000-7180(2006)S0-0187-03 |
| 修稿时间: | 2006-07-06 |
A New Approach to Defend Against Stack Smashing Attacks for Windows |
| |
| ZHANG Lian-cheng,LI Xiang-he,LI Shuo. A New Approach to Defend Against Stack Smashing Attacks for Windows[J]. Microelectronics & Computer, 2006, 23(Z1): 187-189 |
| |
| Authors: | ZHANG Lian-cheng LI Xiang-he LI Shuo |
| |
| Abstract: | Stack smashing is still one of the most popular techniques for computer system attack. An anti-stack-smashing defense technique for Microsoft Windows systems is presented in this paper. This technique, which consists of instrumenting a given executable with a mechanism to detect stack smashing attacks, works at install-time and does not rely on having access to the source-code. This paper developed a prototype implementing this approach and verified that it successfully defends against actual exploit code, then extended this prototype to vaccinate DLLs, multithreaded applications, and DLLs used by multithreaded applications. Meanwhile, vaccinated executables were no more than 8 percent slower than their unvaccinated originals. |
| |
| Keywords: | Computer security Buffer overflow Stack smashing Instrumentation |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
