以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：10

、訪客IP：18.191.236.174

姓名	曾子軒(Tzu-Hsuan Tseng)  查詢紙本館藏	畢業系所	資訊工程學系
論文名稱	(VAP : An AutoPatch Mechanism for Buffer Overflow Vulnerabilities in Source Code)
相關論文	★ USB WORM KILLER: Cure USB Flash Worms Through a USB Flash Worm ★ Discoverer- Rootkit即時偵測系統 ★ 一項Android手機上詐騙簡訊的偵測與防禦機制 ★ SRA系統防禦ARP欺騙劫持路由器 ★ A Solution for Detecting and Defending ARP Spoofing on Virtual Machines ★ 針對遠端緩衝區溢位攻擊之自動化即時反擊系統 ★ 即時血清系統: 具攻性防壁之自動化蠕蟲治癒系統 ★ DNSPD: Entrap Botnets Through DNS Cache Poisoning Detection ★ TransSQL: A Translation and Validation-based Solution for SQL-Injection Attacks ★ A Spam Mail-based Solution for Botnet Detection and Network Bandwidth Protection ★ Shark: Phishing Information Recycling from Spam Mails ★ FFRTD: Beat Fast-Flux by Response Time Differences ★ Antivirus Software Shield against Antivirus Terminators ★ MAC-YURI : My ACcount, YoUr ResponsIbility ★ KKBB: Kernel Keylogger Bye-Bye ★ CIDP Treatment: An Innovative Mobile Botnet Covert Channel based on Caller IDs with P8 Treatment
檔案	[Endnote RIS 格式]    [Bibtex 格式]    [相關文章]   [文章引用]   [完整記錄]   [館藏目錄]   至系統瀏覽論文 (2024-6-30以後開放)
摘要(中)	緩衝區溢位攻擊一直是常見的軟體攻擊手法之一，程式設計師一不 小心就有可能讓程式碼中隱含著緩衝區溢位漏洞，雖然漏洞本身容易修 補，但這個問題仍持續不斷地出現，且由於其能控制重要的資料結構， 所造成的傷殺力極大，因此勢必是需要解決的棘手問題之一。 過去有許多研究提出的防禦方法皆能偵測到緩衝區溢位的情形發生 並即時終止程式，本篇論文提出不同的作法，藉由靜態分析程式中介 碼，針對常造成緩衝區溢位的輸入函式做檢查與修補，直接防堵程式在 執行時發生緩衝區溢位，能正常且順利執行下去。本研究將系統實作為 LLVM Pass 的形式，讓使用者能自由選擇使用或融入編譯鏈結過程中的 一部分。
摘要(英)	Buffer overflow attacks have been one of the most common approaches of software attacks. This kind of vulnerabilities may occur if the programmer does not write code carefully. Although fixing the vulnerability itself is simple, buffer overflow attacks appear frequently and continuously. In addition, since it can control the important data structures, the damage it caused is quite severe. As a result, it is one of the thorny issues that have to be solved without a doubt. In the past, there are many research whose defense methods can detect the occurrence of buffer overflow and terminate the process immediately. This paper presents a different way: by statically analyzing the intermediate representation code, we can automatically check and patch the input functions which often cause buffer overflow, so that the program can run safely and correctly. Furthermore, we implement the system as a LLVM Pass; therefore, users can use it depending on their requirements.
關鍵字(中)	★ 緩衝區溢位 ★ 自動修補	關鍵字(英)	★ Buffer Overflow ★ AutoPatch
論文目次	摘要 i Abstract ii 誌謝 iii 目錄 iv 圖目錄 vi 表目錄 viii 第1 章緒 1 第2 章背景介紹 3 2.1 Buffer Overflow 3 2.2 常用輸入函式 4 2.2.1 gets 4 2.2.2 fgets 5 2.2.3 read 5 2.2.4 scanf 6 2.3 LLVM 6 2.4 LLVM IR 7 2.5 LLVM Pass 8 第3 章系統架構與實作 9 3.1 系統功能 9 3.2 系統實作 9 3.3 系統架構 10 3.4 系統Data Path 11 3.5 系統元件 12 3.5.1 Parameter Handler 12 3.5.2 Overflow Detector Invocation Injector 12 3.5.3 Checker 13 3.5.4 Patcher 16 3.5.5 Dynamic Size Patcher Injector 17 第4 章實驗評估 19 4.1 實驗環境 19 4.2 實驗對象 19 4.3 實驗流程與結果 20 4.4 效能評估 23 第5 章相關研究 24 5.1 偵測修補 24 5.1.1 AddressSanitizer 24 5.1.2 Mudflap 25 5.2 漏洞修補 25 5.2.1 AutoPaG 25 5.2.2 Rule-Based Approach 26 第6 章討論 27 6.1 Future Work 27 6.2 Binary Rewriting Without Source Code 27 6.2.1 Mcsema 27 6.2.2 RetDec 28 第7 章總結 29 參考文獻 30
參考文獻	[1] C. Cowan, C. Pu, D. Maier, H. Hintony, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang, “Stackguard: Automatic adaptive detection and prevention of buffer-overflow attacks,” in Proceedings of the 7th Conference on USENIX Security Symposium - Volume 7, ser. SSYM’98, San Antonio, Texas: USENIX Association, 1998, pp. 5–5. [Online]. Available: http://dl.acm.org/ citation.cfm?id=1267549.1267554. [2] K. Serebryany, D. Bruening, A. Potapenko, and D. Vyukov, “Addresssanitizer: A fast address sanity checker,” in Presented as part of the 2012 USENIX Annual Technical Conference (USENIX ATC 12), Boston, MA: USENIX, 2012, pp. 309– 318, isbn: 978-931971-93-5. [Online]. Available: https : / / www . usenix . org / conference/atc12/technical-sessions/presentation/serebryany. [3] F. Eigler, “Mudflap: Pointer use checking for c/c++,” Jan. 2003. [4] H. Shacham et al., “The geometry of innocent flesh on the bone: Return-intolibc without function calls (on the x86).,” in ACM conference on Computer and communications security, New York, 2007, pp. 552–561. [5] R. Roemer, E. Buchanan, H. Shacham, and S. Savage, “Return-oriented programming: Systems, languages, and applications,” ACM Trans. Inf. Syst. Secur., vol. 15, no. 1, 2:1–2:34, Mar. 2012, issn: 1094-9224. doi: 10.1145/2133375.2133377. [Online]. Available: http://doi.acm.org/10.1145/2133375.2133377. [6] T. Newsham, Format string attacks, 2000. [7] C. Lattner, The architecture of open source applications: Llvm. [Online]. Available: http://www.aosabook.org/en/llvm.html. [8] A. Sampson, Adrian sampson: Llvm for grad students, Aug. 3, 2015. [Online]. Available: https://www.cs.cornell.edu/~asampson/blog/llvm.html. [9] ——, Adrian sampson: Llvm for grad students, Aug. 3, 2015. [Online]. Available: https://www.cs.cornell.edu/~asampson/blog/llvm.html. [10] Y. Lin, “Cird: A solution to detect real-time zero-day code injection attacks,” 2019. [11] C. Hou, “Roprd: A solution to detect real-time zero-day rop attacks,” 2019. [12] benjamin.redelings, Bug 19319 - mudflap produce many violations on simple, correct c++ program, Jan. 7, 2005. [Online]. Available: https://gcc.gnu.org/bugzilla/ show_bug.cgi?id=19319. [13] Z. Lin, X. Jiang, D. Xu, B. Mao, and L. Xie, “Autopag: Towards automated software patch generation with source code root cause identification and repair,” in Proceedings of the 2Nd ACM Symposium on Information, Computer and Communications Security, ser. ASIACCS ’07, Singapore: ACM, 2007, pp. 329–340, isbn: 1-59593-574-6. doi: 10.1145/1229285.1267001. [Online]. Available: http://doi. acm.org/10.1145/1229285.1267001. [14] H. Shahriar, H. M. Haddad, and I. Vaidya, “Buffer overflow patching for c and c+ + programs: Rule-based approach,” SIGAPP Appl. Comput. Rev., vol. 13, no. 2, pp. 8–19, Jun. 2013, issn: 1559-6915. doi: 10.1145/2505420.2505421. [Online]. Available: http://doi.acm.org/10.1145/2505420.2505421. [15] T. of Bits, The github page of mcsema. [Online]. Available: https://github.com/ trailofbits/mcsema. [16] Avast, The github page of retdec. [Online]. Available: https://github.com/avast/ retdec.
指導教授	許富皓(Fu-Hau Hsu)	審核日期	2019-8-19
推文	facebook   plurk   twitter   funp   google   live   udn   HD   myshare   reddit   netvibes   friend   youpush   delicious   baidu
網路書籤	Google bookmarks   del.icio.us   hemidemi   myshare