| Nowadays we have to face more and more buffer overflow vulnerability exploration because of the widespread of buffer overflow in our software. So the research of buffer overflow vulnerability detection has become the one most important topic of the software vulnerability researches. The main content of this essay include the description of the most popular buffer overflow vulnerability detection methods-static analyze and dynamic analyze, the comparison of five buffer overflow analyze tools, the construction of a buffer overflow analyze system which combined the analyze method of static and dynamic.During the comparison of five buffer overflow static analyze tools, we conduct an experiment to compare the performance of five buffer overflow static analyze tools, this experiment is base on a buffer overflows taxonomy in C/C++, which has been explicitly depicted in the second part of this essay. The result of the comparison shows the fact that all these five tools have some kind of defects which has strongly restrict the widely use of these tools.The last part of this paper present us a vulnerability analyze system combined the static analyze and dynamic analyze. In order to testify the performance of this system, we designed a experiment whose result shows us the fact that our analyze system can successfully detect the vulnerabilities of the experimental program. |
PDF Full Text Request