| 防御Windows栈溢出攻击的新方法 |
| |
| 引用本文: | 薛 寒,李祥和,李 硕. 防御Windows栈溢出攻击的新方法[J]. 信息工程大学学报, 2006, 7(4): 351-354 |
| |
| 作者姓名: | 薛 寒 李祥和 李 硕 |
| |
| 作者单位: | 信息工程大学,信息工程学院,河南,郑州,450002 |
| |
| 基金项目: | 河南省科技局科技攻关计划资助项目(SP200402089) |
| |
| 摘 要: | 针对栈溢出攻击依然是流行的计算机系统攻击手段的状况,文章为Windows开发了一个工作在装配时刻的防御栈溢出攻击的新方法,它运用栈溢出攻击检测机制来改写给定的可执行文件,不需要源代码支持。本文建立了相应的技术原型,它可以应用于简单应用程序、DLL、多线程应用程序和多线程应用程序使用的DLL,并能成功防御现实攻击。
|
| 关 键 词: | 主机安全 缓冲区溢出 栈溢出攻击 |
| 文章编号: | 1671-0673(2006)04-0351-04 |
| 收稿时间: | 2006-07-03 |
| 修稿时间: | 2006-07-03 |
New Method to Defend against Stack Smashing Attacks for Windows |
| |
| XUE Han,LI Xiang-he,LI Shuo. New Method to Defend against Stack Smashing Attacks for Windows[J]. , 2006, 7(4): 351-354 |
| |
| Authors: | XUE Han LI Xiang-he LI Shuo |
| |
| Affiliation: | Institute of Information Engineering, Information Engineering University, Zhengzhou 450002, China |
| |
| Abstract: | Stack smashing is still one of the most popular techniques for computer system attack.An anti-stack-smashing defense technique for Microsoft Windows systems is presented in this paper.This technique,which consists of instrumenting a given executable with a mechanism to detect stack smashing attacks,works at install-time and does not rely on having access to the source-code.This paper developed a prototype for simple applications,DLLs,multithreaded applications,and DLLs used by multithreaded applications,and verified that it successfully defends against actual exploit code. |
| |
| Keywords: | computer security buffer overflow stack smashing |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《信息工程大学学报》浏览原始摘要信息 |
|
点击此处可从《信息工程大学学报》下载免费的PDF全文 |
