Abstract: Code injection attack has become a typical representative of the attacks against memory,in which buffer over-flow attacks are the most commonly used. It relics on the change of control-flow, lets the program point to the malicious code in order to obtain the root rights. This paper presented a method using randomization based on data protection, wiich can defend buffer overflow attacks effectively, through the protection of pointers and arrays.

Key words: Buffer overflow,Array protection,PointUuard,Data randomization