DONG Feng-Cheng, SHU Hui, KANG Fei, WANG Gan, WEI Wei
This paper proposes an process analysis method for buffer overflow based on dynamic binary platform, and a prototype system based on this method is implemented. According to the principle of buffer overflow attacks, overflow detection method based on exception caught, control flow analysis, and memory status checks is implemented. By monitoring memory read and write, control transfer instructions, system obtains call sequences and data transfer flow. Through analysis of memory data and function calls, orientation code leads to buffer overflow. Experimental results show that the system can detect buffer overflows, and accurate positioning code results in buffer overflow.