Research Of Attack Technique And Defense Policy Based On Buffer Overflow

With rapid development of information and network technology,as well as their continous penetration into military realm,computer networkis becoming the hinge in information battle field in the future. Computer network based attack and defense has drawn greate attention.Some attacks on computers can obtain valuable intelligence which other weapon systems can never archieve. Buffer overflow attack is the main measure of hacker's attack.It has done more and more harm to information security.The existing researches on defensive measures are behind schedule.Most of the current researches concentrate on the exploiting and defense of certain vulnerabilities,without a comprehensive exploration.And the existing defensive measures still have all kinds of shortages.Therefore this paper author attempts to conduct a comprehensive research on attack and defense of buffer overflow under Windows platform.This paper introduces the basic concepts of buffer and stack, and makes some research on the principle and process of buffer overflow. This paper also adopted a number of examples of attacks on how the system is attacked, and introduces some common attack methods.Then, this paper does some research on the technical details of the heap-based buffer overflow attacks under Windows operating system, and investigate the reason of all kinds of vulnerabilities.This paper also introduce some technique of how to exploit vulnerabilities from the method of how to use buffer overflow.This paper realize the key technique of buffer overflow attack.The shellcode of key technique about buffer overflow attack is realized in the paper(including breaking through operating system and its firewall,uploading and downloading attack files).The paper also puts forward of the overflow localization formula.In this paper, a new method to optimize the performance of array & pointer boundary checking based on the research of the buffer overflow protection is proposed.The checking method is a new hardware/software method which introduces a special boundary checking instruction,by which we can effectively reduce the overhead of array & pointer boundary checking.