Summary: | Master's === Yuan Ze University === Graduate Institute of Computer Science and Engineering === 88 === "There is no bug-free program" should be a motto for
most application developers, especially those working on large applications. Almost all
software is developed using a "try-and-fix" methodology: first, small pieces of
code are implemented, tested, fixed, and tested again. Then these small
pieces are combined into a module, which is tested, fixed, and
tested again. Small modules are then combined into larger modules, and so on.
The end result is that bugs always exist in the system.
Buffer overflows are arguably the most common and most serious of these
bugs. A buffer overflow can allow unauthorized code to be executed by the system
in a privileged mode, in which case the system security policy is
violated completely. Generally speaking, a buffer overflow is a kind of memory
access violation that occurs in the process heap, BSS (Block Started by
Symbol) segment, or stack because of improper bounds checking in the programming language.
However, most past research on buffer overflow detection and prevention
techniques has focused on stack-based buffer overflows. Moreover, the
scope of protection has been limited to the function return address. These
mechanisms are therefore weak against some newly developed attack
techniques such as heap/BSS-based buffer overflows.
In this paper, we propose a new system based on the canary word technique
used by StackGuard to address the weaknesses mentioned above.
|