Title :
Realization of Buffer Overflow
Author :
Zhiyuan, An ; Haiyan, Liu
Author_Institution :
Comput. Sci. & Eng. Dept., North China Inst. of Aerosp. Eng., Langfang, China
Abstract :
In recent decades, the buffer overflow has been a source of many serious security issues. In recent years, by the CERT/CC (Computer Emergency Response Term/Coordination Center) issued advice on the buffer overflow vulnerability for more than accounted for 56.76%. Attack based on the buffer overflow loophole has brought serious harm to computer network. How to effectively eliminate attack based on the buffer overflow loophole has become a question, which everybody pays attention to. This paper first explains the concept of buffer overflow, buffer overflow principle; and then the jump instruction is given using the examples of realization of buffer overflow attacks; and finally, combined with the type of buffer overflow attacks, buffer overflow attacks, raised preventive strategies. All those must be beneficial to improving programmers´ security code consciousness.
Keywords :
buffer storage; computer network security; stacking; CERT/CC; buffer overflow attack; buffer overflow loophole; buffer overflow principle; computer emergency response term-coodination center; computer network; programmer security code; security issue; Aerospace engineering; Arrays; Buffer overflow; Computer science; Presses; Security; Software; buffer overflow; jump instructions; shellcode; stack frame;
Conference_Titel :
Information Technology and Applications (IFITA), 2010 International Forum on
Conference_Location :
Kunming
Print_ISBN :
978-1-4244-7621-3
Electronic_ISBN :
978-1-4244-7622-0
DOI :
10.1109/IFITA.2010.304
