Windows 7操作系统关键内存防攻击研究

Research on Key Memory Attack Windows 7 Operating System

GS Stack Protection、SafeSEH、Heap Protection、DEP、ASLR技术是Windows7操作系统内存保护机制的关键技术,这五种技术对缓解缓冲区溢出攻击起到显著作用。文章以对Windows7的内存保护机制的原理分析为基础,测试了Windows7环境下绕过这些保护机制的可能性;最后对Windows7内存保护机制抵御缓冲区溢出攻击的整体效果进行了分析,指出Windows7仍然不能完全抵御缓冲区溢出攻击,并讨论了更全面提高系统安全性的改进方案。

GS Stack Protection,SafeSEH,Heap Protection,DEP,ASLR are five key technologies for the memory protection mechanism of Windows 7,these technologies significantly contribute to mitigate buffer overflow attacks.Based on the analysis of these technologies,we also tested the possibility of bypassing the protection mechanisms in Windows 7.Evaluating the effect of resisting buffer overflow of Windows 7,we pointed out that Windows 7 couldn＇t resist the buffer overflow attacks absolutely.Finally several measures were introduced to improve system security more comprehensively.