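A New Model of Defending Reading-writing-cross-border of Format String
Huang Yuwen (黄玉文), Ma Ruixing (马瑞兴), Li Xiaojian (李肖坚)
Abstract:
Format string out-of-bounds read/write vulnerabilities are highly dangerous. This paper introduces the basic principle of format string out-of-bounds reads and writes and the existing defense techniques, and proposes a new defense model against them. The model can protect against, detect, respond to, and recover from format string out-of-bounds read/write behavior. Finally, an implementation of the model is given.
Keywords: format string; out-of-bounds read/write; defense; virtual machine
Foundation: Project of the National Information Defense and Network Security Assurance Sustainable Development Program, Commission of Science, Technology and Industry for National Defense (2002-研2-A-007)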
DOI: 10.16393/j.cnki.37-1436/z.2009.02.033