A stack buffer overflow vulnerability detection method based on a program diagram

A buffer overflow and detection method technology, applied in the field of information security, can solve the problems of high false negative rate and false positive rate, inaccurate modeling, attacks, etc., to achieve accurate detection, improve detection efficiency, and improve security.

Pending Publication Date: 2019-05-21
JIANGSU UNIV
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In 2001, a virus called CodeRed caused more than 300,000 computers running Windows to be attacked, causing huge economic losses
However, due to the inaccurate modeling of most static analysis tools, there is a high rate of false negatives and false positives in the results of buffer overflow vulnerability detection
In C and C++ languages, some copy functions and common external input functions are prone to buffer overflow when allocating memory and input length

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A stack buffer overflow vulnerability detection method based on a program diagram
  • A stack buffer overflow vulnerability detection method based on a program diagram
  • A stack buffer overflow vulnerability detection method based on a program diagram

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] In order to better understand a stack buffer overflow vulnerability detection method based on a program diagram of the present invention, the present invention will be further described below in conjunction with the accompanying drawings and specific implementation cases. It should be pointed out that the described implementation cases are intended to This is to facilitate understanding of the present invention without requiring any limitation thereto.

[0037] The invention proposes a stack buffer overflow vulnerability detection method based on a program diagram, which can be better applied to the vulnerability detection of resource access software and improves detection efficiency.

[0038] First, the definitions and calculation formulas of several concepts involved in the present invention are as follows.

[0039] Definition 1 Program diagram: also known as program flow chart, which graphically expresses the logical function of the code, the logical flow direction o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a stack buffer overflow vulnerability detection method based on a program diagram. The method comprises the steps that 1, after source codes are statically analyzed, constructing a corresponding program diagram; 2, traversing the program chart to find a danger function to obtain an overflow point position; 3, calculating the address offset between the buffer space operatedby the overflow point comparison function and the size of the space to be covered; And 4, judging whether address offset occurs or not to obtain a vulnerability detection result, Wherein the danger function mainly aims at three danger functions of Strncpy (), Memcpy () and Gets (); for the Strncpy () and Memcpy () functions, buffer area space O and coverage space C of function operation are obtained, and for the Gets () function, only buffer area space O of the function needs to be obtained; For a Strncpy function, if the replication length n<O, there is no vulnerability, if the replication length n>O and O<C, there is vulnerability; For the Memcpy function, if the copy length n <O, there is no vulnerability, if n<O and O<C, then there is vulnerability; for the Gets function, if O = [0, infinite], then there is vulnerability..

Description

technical field [0001] The invention belongs to the technical field of information security, and relates to a stack buffer overflow vulnerability detection method based on a program graph. Background technique [0002] With the continuous development of computer technology, the demand for software in all walks of life is increasing, and more and more people enjoy the convenience and speed brought by information systems. The unavoidable problem in the continuous development of information technology is software vulnerability. In the process of software development, developers will make some mistakes, some fatal mistakes will cause serious consequences if they are not found out in time. Among all the current software vulnerabilities, buffer overflow is one of the most common security vulnerabilities. Therefore, the cause analysis of software vulnerability has increasingly become the focus of attention in the field of information security. [0003] The main cause of buffer o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57
Inventor 陈锦富张庆晨黄如兵陈书杰周敏敏
Owner JIANGSU UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap