
Analysis and Prevention of the Stack Overflow Attacking

Cited by: 5
Abstract: Stack overflow attacks are a common means of attacking computers today. This paper first analyzes the various types of stack overflow vulnerabilities and attack techniques, then discusses the existing methods for preventing attacks against these vulnerabilities, and finally proposes a method that protects the stack by dynamically modifying the stack space and statically implanting binary code. The analysis shows that, because the monitored functions themselves have low efficiency requirements and are called by the system only a few times, the inserted code defends well against common stack overflow attacks while having almost no effect on the efficiency of the whole program. For newly discovered functions with security vulnerabilities, adding them to the monitored function list is all that is needed, so the architecture of the whole program stays unchanged and the program remains easy to maintain.
Source: Journal of Shanghai Jiaotong University (indexed in EI, CAS, CSCD, Peking University Core), 2002, No. 9, pp. 1346-1350, 5 pages
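Keywords: stack overflow attack; dynamic link library; relative virtual address; network security; preventive measures; attack principle; stack space; binary codes; computer viruses; computer worms; Internet; security systems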

