Detection method and system for buffer overflow

A buffer overflow and detection method technology, applied in the field of information security, can solve the problems of slow running of credit card networks and automatic teller machines, endangering information security, etc., and achieve the effect of effective detection

Inactive Publication Date: 2014-02-05
INSPUR BEIJING ELECTRONICS INFORMATION IND
View PDF3 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In January 2003, the "Slammer" (also known as "Sapphire") worm took advantage of a flaw in Microsoft SQL Server 2000 to crash parts of the Internet in South Korea and Japan, interrupted telephone services in Finland, and made the American Airlines reservation system, Credit card

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detection method and system for buffer overflow
  • Detection method and system for buffer overflow

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] Hereinafter, the present invention will be described in detail with reference to the drawings and examples. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined with each other.

[0018] Core idea of ​​the present invention is:

[0019] When a buffer overflow occurs, the malicious code will call the system API function; check the return address of the system API function by hooking the system API function called by the malicious code, if the return address is on the system API function call stack, or the virtual memory where the return address is located The page is non-protected, indicating that a stack overflow has occurred, that is, a buffer overflow.

[0020] The invention provides a buffer overflow detection method, comprising the following steps:

[0021] When a buffer overflow occurs, the malicious code will call the system API function;

[0022] The system API funct...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a detection method for buffer overflow, and belongs to the field of information safety. The method comprises the steps as follows: when buffer overflow happens, a malicious code calls a system API (application program interface) function; a return address of the system API function is checked according to the system API function called by the HOOK malicious code; and whether overflow of a buffer region happens is judged according to the feedback address. According to the technical scheme of the detection method and system, effective detection of buffer overflow is realized.

Description

technical field [0001] The invention belongs to the field of information security, in particular to a buffer overflow detection method and system. Background technique [0002] In November 1988, many organizations had to cut off their Internet connections because of the "Morris Worm," a program written by 23-year-old programmer Robert Tappan Morris to attack VAX and Sun machines. According to estimates, this program crashes about 10% of the entire Internet. In July 2001, another worm called "Code Red" eventually led to an attack on more than 300,000 computers worldwide running Microsoft's IIS Web Server. In January 2003, the "Slammer" (also known as "Sapphire") worm took advantage of a flaw in Microsoft SQL Server 2000 to crash parts of the Internet in South Korea and Japan, interrupted telephone services in Finland, and made the American Airlines reservation system, The credit card network and ATMs were slow. All of these attacks, and many others, exploit a programming f...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/52G06F21/56
CPCG06F21/52G06F21/566
Inventor 方雪静
Owner INSPUR BEIJING ELECTRONICS INFORMATION IND
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap