中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/81311
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 78937/78937 (100%)
Visitors : 39334371      Online Users : 381
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/81311


    Title: VAP : An AutoPatch Mechanism for Buffer Overflow Vulnerabilities in Source Code
    Authors: 曾子軒;Tseng, Tzu-Hsuan
    Contributors: 資訊工程學系
    Keywords: 緩衝區溢位;自動修補;Buffer Overflow;AutoPatch
    Date: 2019-08-19
    Issue Date: 2019-09-03 15:43:49 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 緩衝區溢位攻擊一直是常見的軟體攻擊手法之一,程式設計師一不
    小心就有可能讓程式碼中隱含著緩衝區溢位漏洞,雖然漏洞本身容易修
    補,但這個問題仍持續不斷地出現,且由於其能控制重要的資料結構,
    所造成的傷殺力極大,因此勢必是需要解決的棘手問題之一。

    過去有許多研究提出的防禦方法皆能偵測到緩衝區溢位的情形發生
    並即時終止程式,本篇論文提出不同的作法,藉由靜態分析程式中介
    碼,針對常造成緩衝區溢位的輸入函式做檢查與修補,直接防堵程式在
    執行時發生緩衝區溢位,能正常且順利執行下去。本研究將系統實作為
    LLVM Pass 的形式,讓使用者能自由選擇使用或融入編譯鏈結過程中的
    一部分。;Buffer overflow attacks have been one of the most common approaches of software attacks. This kind of vulnerabilities may occur if the programmer does not write code carefully. Although fixing the vulnerability itself is simple, buffer overflow attacks appear frequently and continuously. In addition, since it can control the important data structures, the damage it caused is quite severe. As a result, it is one of the thorny issues that have to be solved without a doubt.

    In the past, there are many research whose defense methods can detect the occurrence of buffer overflow and terminate the process immediately. This paper presents a different way: by statically analyzing the intermediate representation code, we can automatically check and patch the input functions which often cause buffer overflow, so that the program can run safely and correctly. Furthermore, we implement the system as a LLVM Pass; therefore, users can use it depending on their requirements.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML234View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明