中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/51546
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 42447044      線上人數 : 982
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/51546


    題名: HSP: A solution against heap sprays
    作者: Hsu,FH;Huang,CH;Hsu,CH;Ou,CW;Li-Han,CB;Chiu,PC
    貢獻者: 資訊工程學系
    關鍵詞: BUFFER OVERFLOW ATTACKS;CHECKING;SECURITY;HARDWARE/SOFTWARE;RANDOMIZATION;PROTECTION;ARRAY
    日期: 2010
    上傳時間: 2012-03-27 18:55:54 (UTC+8)
    出版者: 國立中央大學
    摘要: Heap sprays are a new buffer overflow attack (BOA) form that can significantly increase the successful chance of a BOA even though the attacked process is protected by a lot of state-of-the-art anti-BOA mechanisms, such as ASLR, non-executable stack/DEP, signature-based IDSes, and type-safe languages. In this paper, we propose a glibc-and-ASLR-based solution to heap sprays Heap Spray Protector (HSP). HSP controls the number and location of int 80 instructions in a process and hides the whereabouts of the only legal int 80 instruction; hence, HSP makes it difficult for attackers to issue a system call, let alone a heap spray attack. Moreover HSP can help ASLR defend against memory information leaking attacks. Furthermore, because HSP only modifies the glibc library and the kernel, it does not need to modify any source code or executable file. Finally, HSP allows attackers to execute as much code as possible before an attack can really create some damage; therefore, it enables the attacked hosts to collect more information about attackers which may be useful to block future attacks. Experimental results show HSP implemented on a Linux platform can effectively defend a system against heap sprays with less than 4.56% performance overhead. (C) 2010 Elsevier Inc. All rights reserved.
    關聯: JOURNAL OF SYSTEMS AND SOFTWARE
    顯示於類別:[資訊工程學系] 期刊論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML489檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明