Buffer Overflow Vulnerability Excavation And Protection Technology Research

Software security vulnerability has become one of the major problems of networksecurity, especially the internet on security incidents of software vulnerabilities are more andmore serious in recent years, either at the national strategic level, or the level of social security,software vulnerability detection and prevention should be attached importance.Buffer overflow vulnerability is one of the principal threats to software vulnerabilities.With the rapid development of network technology, the exploitation and popularity of thesoftware applications are increasingly widespread, but the quantity of advance did not bring inquality assurance corresponding security level yet,leading to incidents of security isincreasing caused by a buffer vulnerability. So, how to detect and prevent buffer overflowvulnerability effectively has always been a very important issue in security area.Based on the detailed analysis of the basic principles of buffer overflow attacks andvulnerability exploitation technology, aiming at the problem of binaries for vulnerabilities,this text presents Fuzzing vulnerability detection technique based on genetic algorithms, aswell as combining with the characteristics of a buffer overflow vulnerability, constructs withgood maturity and higher test coverage. According to staticize analysis technology, itintelligently guides the test data to logicize vulnerable part of the statement binaries, makingit quickly hit a buffer overflow vulnerability.On account of the accuracy and completeness of the vulnerability of Excavation,thispaper proposes a further buffer overflow vulnerability code protection scheme based on AESencryption algorithm,for encrypting sensitive data area is the primary means of defensetechnology on buffer overflow attacks, but being limited by general encryption algorithmcomplexity and security requirements its effect is not ideal,while AES encryption algorithmwith a longer key can significantly improve the security and encryption algorithm is simple,you can also control the number of iterations in less than15times. According to the program,the experimental results show that, AES encryption algorithm provides a higher level ofsecurity with a relatively low system overheadin the security area of the protection buffer.