摘要
近年来经常发生网络攻击和网络安全漏洞,其中极具破坏力的系统攻击基本上都是缓冲区溢出漏洞攻击,这是最常见的一种网络攻击技术。论文首先对采用C语言编写的应用程序的内存空间分布进行了叙述,通过具体程序叙述了缓冲区溢出漏洞攻击的基本原理、缓冲区溢出攻击的类别和预防方法,阐述了当前主流的缓冲区溢出攻击防御软件的原理、介绍了防御缓冲区溢出攻击的方法,包括静态防御和动态防御进行了叙述,研究了常见的缓冲区溢出漏洞和攻击手段以及防御方法,对目前缓冲区溢出防御研究成果进行分析总结,提出如何预防缓冲区溢出漏洞攻击的建议。
In recent years,cyber attacks and network security vulnerabilities have frequently occurred.The most destructive system attacks are basically buffer overflow vulnerability attacks,which is the most common type of network attack technology.Firstly,the paper describes the memory space distribution of the application written in C language.The basic principle of buffer overflows vulnerability attack,the category and prevention methods of buffer overflow attack are described by specific procedures and the current mainstream buffer overflow is expounded.The principle of attack defense software,the methods of defending against buffer overflow attacks,including static defense and dynamic defense are introduced,and common buffer overflow vulnerabilities and attack methods and defense methods are studied.The recommendations for how to prevent buffer overflow vulnerability attacks are analyzed and summarized.
作者
袁连海
李湘文
徐晶
YUAN Lianhai;LI Xiangwen;XU Jing(Engineering & Technical College,Chengdu University of Technology,Leshan 614000)
出处
《舰船电子工程》
2019年第4期88-93,共6页
Ship Electronic Engineering
基金
国家自然科学基金面上项目(编号:11375055)资助
关键词
缓冲区溢出
静态防御
动态防御
buffer overflow
static defense
dynamic defense
