Comprehensive Study On Buffer Overflow Vulnerability

Buffer overflow attack is the main measure of hacker's attack. It has done more and more harm to information security. The existing researches on defensive measures are behind schedule. Most of the current researches concentrate on the exploiting and defense of certain vulnerabilities, without a comprehensive exploration. And the existing defensive measures still have all kinds of shortages. Therefore this paper author attempts to conduct a comprehensive research on attack and defense of buffer overflow under windows platform.Major progresses of this paper are as follows:1. Presentation of an unified function model of buffer overflow exploiting programs. Based on the principles and exploiting measures of buffer overflow vulnerability, an unified function model of buffer overflow exploiting program is brought forward(including overflow module, distortion module, flow jump module, attack module, limit breaking module, and conceal module).2. Putting forward of the overflow localization formula(Z=(0xYY-0x41)×10+(0xXX-0x41)). Locating accurately buffer overflow point is one of the key factors for exploiting vulnerability successfully. Localization formula is presented in this paper for this purpose.3. Realization of buffer overflow attack key technique. The shellcode of key technique about buffer overflow attack is realized in the paper (including breaking through operating system and its firewall, uploading and downloading attack files).4. Presentation of buffer overflow attack model based on Category theory. Buffer overflow attack model based on Category theory is brought forward in the paper by exploring the process of buffer overflow attack and systematically summarize its attack process.5. Presentation of defensive measure against attack process three stages. Corresponding defensive measure is presented against the three stages of attack process by researching of buffer overflow defense technique.This paper is one of the series research results of a provincial and ministerial level project—the overall performance evaluates of ChongQing E-Government external net security. Contract Number: 200401011.