| As early as the framework of Von Neumann appears, buffer overflow vulnerability has already begun to emerge. In 1988, with the widespread Morris worm in the Internet, they began the infamous. Unfortunately, the same attacks last till nowadays. According to the defects in the design of program run-time storage, the target addresses may be attacked accurately through various ways and malicious codes would run willfully and undermine the security of computer systems. On the other hand, there is no effective way to stop the attacks fundamentally. So far, the only way to prevent endless variants of buffer overflow attacks is to improve the design, coding and testing of all the applications. Compared to others, buffer overflow attack is a most typical type. Buffer overflow can be divided into two categories, one is based on the stack and the other is based on the heap. Although stack-based attacks are still more frequent and important, and made some progress, heap-based overflow obtains more attention recently.The process memory organization is analyzed, and the basic theory and various types of heap-based buffer overflow are discussed in this paper. Thus, heap-based buffer overflow is concluded to be caused by tampering of the critical data in the heap or injecting malicious code into the heap-based buffer to destroy computer systems. On the basis of the attack target-heap metadata (heap management structure information), a new heap buffer overflow prevention mechanism is proposed in this paper. It can separate the heap metadata from the user data to prevent heap-based buffer overflow. And the particular storage of heap metadata makes it difficult for attackers to tamper so that it can prevent heap-based buffer overflow a lot. The experiment result illustrates that the new heap buffer overflow prevention mechanism works effectively. |
PDF Full Text Request