| Summary: | 碩士 === 國立中山大學 === 資訊工程研究所 === 87 === Recently because of the development of cryptography technique( such as the symmetric encryption, asymmetric encryption technique), network communication is much more secure than before. That is the crypto-technique privides a secure pathway between hosts, strong authentication for user identification and also strict authorization of resource allocation. But at the end side, no matter the client side or server side, the program will unpack the protecting data into the original format in order to process. At this moment, if we have got some problems of system security, the intruders may get the original format of data they want without taking efforts on the decryption stuff.
Thus, since the buffer overflow attack is the most common problem of system vulnerabilities, this paper presents an strong solution for the problem of buffer overflow attacks where we focus on the characteristic of buffer overflow attacks and the relationship between user privilege and memory access behavior of the Operating System and find out the interception points. To provide the UNIX operating system and IDS the new feature of full and real-time detection of buffer overflow attacks. And to provide level defense further according to the system administration policies.
|
|---|
