Detection of Buffer Overflow Attacks with QEMU Emulator
碩士 === 國立中央大學 === 資訊工程研究所 === 96 === Buffer overflow has always been a dominant issue of system security. Many computer viruses or worms exploit this vulnerability to damage computer systems. Although numerous researches have been proposed to defend such attack, solutions that were really used as...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | en_US |
| Published: |
2007
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/wty7kc |
| id |
ndltd-TW-096NCU05392003 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-TW-096NCU053920032019-05-15T19:18:53Z http://ndltd.ncl.edu.tw/handle/wty7kc Detection of Buffer Overflow Attacks with QEMU Emulator 使用QEMU模擬器偵測緩衝區溢位攻擊 Hou-Xiang Kuo 郭后翔 碩士 國立中央大學 資訊工程研究所 96 Buffer overflow has always been a dominant issue of system security. Many computer viruses or worms exploit this vulnerability to damage computer systems. Although numerous researches have been proposed to defend such attack, solutions that were really used as standard were rare. The main reason is that few solutions can be compatible with user binary code. This paper chooses QEMU emulator to emulate a hardware behavior and selects SmashGuard mechanism to test its feasibility. The result showed that it will produce some problems, and the reason was analyzed. Hence, this paper proposed a two layer checking mechanism. In addition to checking the consistency of return address, validity of return address was also checked. The result demonstrates that this mechanism can differentiate and detect typical stack-smashing attack. Li-Ming Tseng 曾黎明 2007 學位論文 ; thesis 37 en_US |
| collection |
NDLTD |
| language |
en_US |
| format |
Others
|
| sources |
NDLTD |
| description |
碩士 === 國立中央大學 === 資訊工程研究所 === 96 === Buffer overflow has always been a dominant issue of system security. Many computer viruses or worms exploit this vulnerability to damage computer systems. Although numerous researches have been proposed to defend such attack, solutions that were really used as standard were rare. The main reason is that few solutions can be compatible with user binary code.
This paper chooses QEMU emulator to emulate a hardware behavior and selects SmashGuard mechanism to test its feasibility. The result showed that it will produce some problems, and the reason was analyzed.
Hence, this paper proposed a two layer checking mechanism. In addition to checking the consistency of return address, validity of return address was also checked. The result demonstrates that this mechanism can differentiate and detect typical stack-smashing attack.
|
| author2 |
Li-Ming Tseng |
| author_facet |
Li-Ming Tseng Hou-Xiang Kuo 郭后翔 |
| author |
Hou-Xiang Kuo 郭后翔 |
| spellingShingle |
Hou-Xiang Kuo 郭后翔 Detection of Buffer Overflow Attacks with QEMU Emulator |
| author_sort |
Hou-Xiang Kuo |
| title |
Detection of Buffer Overflow Attacks with QEMU Emulator |
| title_short |
Detection of Buffer Overflow Attacks with QEMU Emulator |
| title_full |
Detection of Buffer Overflow Attacks with QEMU Emulator |
| title_fullStr |
Detection of Buffer Overflow Attacks with QEMU Emulator |
| title_full_unstemmed |
Detection of Buffer Overflow Attacks with QEMU Emulator |
| title_sort |
detection of buffer overflow attacks with qemu emulator |
| publishDate |
2007 |
| url |
http://ndltd.ncl.edu.tw/handle/wty7kc |
| work_keys_str_mv |
AT houxiangkuo detectionofbufferoverflowattackswithqemuemulator AT guōhòuxiáng detectionofbufferoverflowattackswithqemuemulator AT houxiangkuo shǐyòngqemumónǐqìzhēncèhuǎnchōngqūyìwèigōngjī AT guōhòuxiáng shǐyòngqemumónǐqìzhēncèhuǎnchōngqūyìwèigōngjī |
| _version_ |
1719087547672428544 |