Computer Science ›› 2015, Vol. 42 ›› Issue (Z6): 382-387.


Improved Algorithm for Buffer Overflow Detection Based on Libsafe Library

XIE Wen-bing, JIANG Jun, LI Zhong-sheng and NIU Xia-mu   

  • Online: 2018-11-14 Published: 2018-11-14

Abstract: Because C/C++ lacks a boundary checking mechanism, buffer overflow is one of the most serious attacks caused by unsafe functions such as strcpy. This paper first discussed the current mechanism of the libsafe library and analyzed the drawbacks of using the stack frame pointer to look back upon the stack information. We proposed a method that looks back upon the stack information by matching the attribute code of an instruction's opcode. By matching each opcode with the candidate opcode, we could get the stack information. We also introduced a hash function to store the stack information that has already been computed, with the return address used as the key of the hash function. We analyzed the feasibility and complexity of our improved algorithm. Experiments were done from the different perspectives of cushion, integrity and accuracy. The performance results show the effectiveness of the algorithm.

Key words: Detection of Libsafe library, Stack frame pointer, Activate record, Attribute code of instruction, Look back upon stack, Hash function
