Dissertation > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > Computer applications > Computer network > General issues > Computer Network Security

Detection and Elimination of "Buffer-Overflow" Based on GECISM

Author CuiJing
Tutor WangFengXian
School Hebei University
Course Applied Computer Technology
Keywords Buffer overflow System calls Binary Tree Identification Eliminate
CLC TP393.08
Type Master's thesis
Year 2007
Downloads 2
Quotes 0
Download Dissertation

Buffer overflow vulnerabilities are very common, can exist in Windows, Unix, Netware, SQL Sever , and other systems and applications , so buffer overflow attack technique has become a broad and basic attack technology, and has become the current attack technology is the main direction of development. Buffer overflow attack is a common means of execution of the program by changing the flow , turn to execute code of their implanted intrusion , then get the system root privileges on the system pose a huge threat to mimic biological immune system in this paper the design of computer security system model GECISM (GEneral Computer Immune System Model) was constructed on the basis of DAE (Detecting And Eliminating) Agent. This agent can be the first blur detection , accurate detection of a second to determine whether a buffer overflow attack occurs , and thus the position of the invasion by positioning the invasion to eliminate . And in the following aspects of the \objects defined in the Linux system through a system call and return address of the vector , the use of this particular binary vector data structures stored for precise detection of the second ; using exception handling mechanism , the handler is written in advance training set of objects , save function runtime stack information, if the invasion is start the mechanism that allows the program to run the invasion restored to the initial state , to minimize the harm caused by the invasion .

Related Dissertations
More Dissertations