Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Stack overflow attack defense method

A stack overflow and function technology, which is applied in the field of computer system security, can solve the problems of stack return address integrity damage and stack overflow protection method failure.

Inactive Publication Date: 2010-10-20
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF3 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this way, after the stack overflow attack occurs, the verification process of the jump address and the protection value cannot find that the integrity of the stack return address has been destroyed
Therefore, there are other defects in the program that may cause the attacker to read the memory content out of bounds. The existing stack overflow protection method will be invalid, and the attacker can successfully intercept the program control flow by bypassing the existing protection mechanism.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Stack overflow attack defense method
  • Stack overflow attack defense method
  • Stack overflow attack defense method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The present invention will be described in more detail below through specific embodiments in conjunction with the drawings.

[0031] This embodiment provides a stack overflow attack defense method according to the present invention.

[0032] This embodiment implements a function-level stack overflow protection mechanism, and overcomes the defect that the protection method in the prior art may be bypassed by an attacker when the memory content of the program leaks. The implementation and action process of the protection are as follows figure 1 As shown, first locate the function of the potential stack overflow attack in the program as the protection object, and then insert a replacement table into the memory space of the program during the compilation process, and add the encryption return address operation to the target code prefix of the protection object function. The operation to verify the integrity of the return address is added to the suffix.

[0033] In order to reduce...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a stack overflow attack defense method, which belongs to the field of security guarantee of a computer system. The method comprises the following steps of: a) positioning a function with potential stack overflow defect in a program; b) before the function is executed, encrypting a return address to obtain first encrypted message by using a key register and storing the encrypted message; and c) before the function is returned, encrypting the return address to obtain second encrypted message by using the key register likewise, and if the first encrypted message and the second encrypted message are different, showing that the stack overflow attack exists. The method can be used for stack overflow attack defense, and is applicable in multiple fields of aerospace, finance, manufacture, communication, energy, medicinal treatment, education and the like.

Description

Technical field [0001] The invention relates to a technology for detecting buffer overflow in source code and enhancing the security of target code, in particular to a method for defending stack overflow attacks, belonging to the field of security protection of computer systems. Background technique [0002] Computer applications have penetrated into various fields such as aerospace, finance, manufacturing, communications, energy, medical care, education, and so on. People's work and life are increasingly dependent on computer software. People not only need computers to achieve more functions, but also put forward higher requirements for the security of computer systems. Since its first appearance in the 1980s (Spafford, E., TheInternet worm program: an anallyis. ACM SIGCOMM Computer Communication Review, 1989.19(1): p.57.), buffer overflow attacks have been a serious threat to computer system security . At present, with the development of viruses and malicious programs, the bu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/00G06F21/52
Inventor 田硕贺也平
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com