摘要: 给出缓冲区溢出的基本原理和现有检测技术,针对二进制可执行文件中存在的缓冲区溢出漏洞,提出一种缓冲区溢出检测模型,该模型采用静态检测和动态检测相结合的方法。对检测结果采取污点跟踪法进行人工分析,采用插件技术给出缓冲区溢出检测模型的具体设计。实验结果证明该模型的设计是有效的。
关键词:
缓冲区溢出,
可执行文件,
静态检测,
动态检测,
人工分析
Abstract: This paper describes the basic principles of buffer overflow and the current detection technology, and presents a detection model for buffer overflow vulnerability on binary executable file. The model uses static and dynamic detection technologies, and analyzes artificially the result in stain-tracking way. It gives specific reality for the detection model for buffer overflow in plug-in technology. Experimental results show effectiveness of the defection model.
Key words:
buffer overflow,
executable file,
static detection,
dynamic detection,
artificial analysis
中图分类号:
黄玉文;刘春英;李肖坚;. 基于可执行文件的缓冲区溢出检测模型[J]. 计算机工程, 2010, 36(2): 130-131.
HUANG Yu-wen; LIU Chun-ying; LI Xiao-jian;. Detection Model for Buffer Overflow Based on Executable File[J]. Computer Engineering, 2010, 36(2): 130-131.