摘要: 提出一种基于动态二进制平台的缓冲区溢出过程分析方法,并实现基于该方法的原型系统。分析缓冲区溢出攻击方法的特点,给出基于异常捕获、控制流分析和内存状态检查的溢出检测方法。通过对内存读写指令、控制转移指令进行监控,获得函数调用序列和数据传递关系,定位导致缓冲区溢出的代码。实验结果表明,该系统能有效检测缓冲区溢出,准确定位导致溢出的代码位置。
关键词:
缓冲区溢出,
动态二进制平台,
溢出检测,
溢出定位,
控制流分析,
数据流分析
Abstract: This paper proposes an process analysis method for buffer overflow based on dynamic binary platform, and a prototype system based on this method is implemented. According to the principle of buffer overflow attacks, overflow detection method based on exception caught, control flow analysis, and memory status checks is implemented. By monitoring memory read and write, control transfer instructions, system obtains call sequences and data transfer flow. Through analysis of memory data and function calls, orientation code leads to buffer overflow. Experimental results show that the system can detect buffer overflows, and accurate positioning code results in buffer overflow.
Key words:
buffer overflow,
dynamic binary platform,
overflow detection,
overflow positioning,
control flow analysis,
data flow analysis
中图分类号:
董鹏程, 舒辉, 康绯, 王乾, 魏巍. 基于动态二进制平台的缓冲区溢出过程分析[J]. 计算机工程, 2012, 38(06): 66-68.
DONG Feng-Cheng, SHU Hui, KANG Fei, WANG Gan, WEI Wei. Process Analysis of Buffer Overflow Based on Dynamic Binary Platform[J]. Computer Engineering, 2012, 38(06): 66-68.