| System and software vulnerabilities make large-scale attacks possible. Attackers exploit them to take control of hosts and use those hosts to conduct attacks. Buffer overflow, an important class of vulnerability, has played a significant role over the last twenty years. What an overflow is, how it happens, and how to prevent it are important questions in the security industry. Because security awareness in the software industry is insufficient, attackers take over the destination host by exploiting vulnerabilities in its software. This article describes the types of buffer overflow attack, the causes of and countermeasures against buffer overflow, and the importance of detecting buffer overflows. Finally, it presents a composite method for detecting buffer overflows, which combines static analysis of binary files with fuzzing to detect vulnerabilities in software. The main goal of the first module is to find suspicious modules; at the same time, this module finds some simple vulnerabilities and some important modules by using code review. In the second module, fuzzing with brute-force data tests whether the suspicious functions are actually vulnerabilities. At the end of the article, two experiments show that the method is effective in detecting buffer overflows. |