CIRD: A Solution to Detect Real-time Zero-day Code-Injection Atttacks

Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/81323

Title:	CIRD: A Solution to Detect Real-time Zero-day Code-Injection Atttacks
Authors:	林鈺凱;Lin, Yu-Kai
Contributors:	資訊工程學系
Keywords:	緩衝區溢位;代碼注入;Buffer overflow;Code-Injection
Date:	2019-08-20
Issue Date:	2019-09-03 15:44:25 (UTC+8)
Publisher:	國立中央大學
Abstract:	在眾多的攻擊手法中，Buffer overflow 造成的Code-Injection 攻擊是一種很嚴重的攻擊方式。因為攻擊者可以任意執行惡意程式碼，可能會造成memory leak、任意記憶體位置讀寫、最嚴重可以拿到主機控制權。本篇論文設計了一套偵測Code-Injection 的方式，利用QEMU 和 Linux Kernel 配合，可以即時偵測並且找出在執行檔哪個地方發生 Code-Injection。;In many of attack methods, the Code-Injection attacks is a serious problem that makes attackers can execute malicious code arbitrarily. It may cause memory leak, arbitrarily memory read/write or even taking control on the host machine. We had designed a method to detect Code-Injection attacks. Using QEMU and Linux Kernel, we can not only detect read-time Code-Injection attacks but also locate functions of Code-Injection vulnerability.
Appears in Collections:	[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

Files in This Item:

File	Description	Size	Format
index.html		0Kb	HTML	257	View/Open

社群 sharing