作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2006, Vol. 32 ›› Issue (18): 147-148,. doi: 10.3969/j.issn.1000-3428.2006.18.053

• 安全技术 • 上一篇    下一篇

一种缓冲区溢出漏洞分析与探测算法BOVADA

赖 滇,黄 宇   

  1. (信号盲处理国防科技重点实验室,成都610041)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2006-09-20 发布日期:2006-09-20

Arithmetic to Analyze and Detect Buffer Overflow Vulnerability

LAI Dian, HUANG Yu   

  1. (National Defence Key Laboratory of Blind Processing of Signals, Chengdu 610041)
  • Received:1900-01-01 Revised:1900-01-01 Online:2006-09-20 Published:2006-09-20

摘要: 讨论了计算机系统漏洞分析与探测的一般模型,在此基础之上,提出了一种新的缓冲区溢出漏洞分析与探测模型及算法BOVADA。通过构造特殊的测试程序,BOVADA算法能够确定被测程序中造成溢出的函数、系统溢出点、系统跳转地址。与其它缓冲区溢出分析与探测模型及算法相比,BOVADA具有结构清晰、功能完整、参数精确的优点。并以Windows2000 WorkStation服务溢出漏洞为例,验证了BOVADA算法的可行性。

关键词: 溢出, BOVADA, WorkStation

Abstract: This paper discusses the common model to analyze and detect computer operation system vulnerabilities. Based on the model, it proposes a new model and arithmetic, BOVADA, to analyze and detect the buffer overflow vulnerability. Utilizing the special test code, BOVADA can determine the overflow function, overflow point, jump address of the system to be tested. Compared with other model and arithmetic, BOVADA has some advantages, such as more plain structure, more integrate function, and more accurate parameter. Finally, BOVADA is proved to be true on WorkStation service vulnerability of Windows2000.

Key words: Overflow, BOVADA, WorkStation