期刊文献+

一种新的格式化串读写越界防御模型

A New Model of Defending Reading-writing-cross-border of Format String
下载PDF
导出
摘要 格式化串读写越界漏洞危害性非常大.介绍了格式化串读写越界的基本原理和现有防御技术,提出了一种新的格式化串读写越界防御模型;该防御模型能够对格式化串读写越界行为进行保护、检测、响应和恢复.最后给出了该模型的实现. The leaks of reading - writing - cross - border are really risky. The paper introduces basic principles and current defense technology. Then it brings a new model of defense. The new defense model can protect, detect, respond, and recover the actions of reading - writing - cross - border of format string. Finally it gives realization of the model.
出处 《菏泽学院学报》 2009年第2期62-65,共4页 Journal of Heze University
基金 国防科工委国家信息关防与网络安全保障可持续发展计划项目(2002-研2-A-007)
关键词 格式化串 读写越界 防御 虚拟机 format string reading - writing - cross - border defense virtual machine
  • 相关文献

参考文献8

  • 1Teso S T.Exploiting format string vuluerahilities[EB/OL].http://erypto.stanford.edu/cs155/papent/formatstring-1.2.pdf,2008-09-10.
  • 2CWE.Vulnerability Type Distributiom in CVE[EB/OL].http://cwe.mitre.org/documents/vuln-trends/index.html#introduction,2007-05-22.
  • 3Kemighan B W,Ritchie D.The C Programming Language[M].New Jemey:Prentice HallPress,1988:34-68.
  • 4Viega J,Bloch JT,KolmoT,et al.ITS4:A Static Vulnerability SPAinner for C and C++ Code[C].Los Alamitos:Proceedings of Annual Computer Security Appfications Conference,2000:257-267.
  • 5Tsai T,Singh N.Libsde2.0:Detection of Format String Vulnerability Exploits[J].Communications of the ACM,1990,33 (12):32-44.
  • 6David E,David L.Improving Security Using Extensible Lightweight Static Analysis[J].IEEE Software,2002,19(1):42-51.
  • 7CVE.IATF Document 3.1[EB/OL].http://www.iatf.Net/frame-wo rk-docs/vemion-3-1/index.cfm,2003-03-20.
  • 8James E S,Bavi N.Virtual Machines:Versatile Platforms for Systems and Process[M].San Fransisce:Morgan Kaufmann,2006:12-49.

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部