Research On Address Independent Technology In Compilation Security Under Linux System

In recent years,with the continuous expansion of the scale of the Internet,network attacks against software vulnerabilities are becoming increasingly large,network security threats have become the key issues to be resolved.Whether it is the national strategic level or the social security level,the stability of the Internet security environment has important practical significance.In a variety of network attacks,buffer overflow is a kind of great harm,extremely common vulnerability attack method,the attacker can remotely implanted Trojan horse,the implementation of non authorized instructions,access to confidential information and other operations,which led to a lot of security incidents.Therefore,the defense buffer overflow vulnerability has no time to delay.Research buffer overflow vulnerability defense methods and technology,has been an important issue in the field of network security.This paper focuses on the topic of the research on the Linux system in the context of the address independent technology.In view of the problems in the network security buffer overflow vulnerability attack mode and the shared library file,this paper mainly discusses the implementation of the address independent technology buffer vulnerability defense method in Linux environment:(1)research on the basic principle of buffer overflow,and to prevent the program analysis,the buffer overflow vulnerabilities in the existing problems,analysis of the current buffer overflow attack methods and attack language,the key technologies involved in this paper to study,give a new buffer overflow attacks.(2)a buffer overflow protection scheme based on address independent executable(PIE)is proposed for the executable file,which can greatly reduce the probability of attack success,and has a low access efficiency cost and a program scale growth.(3)in view of the problems existing in the loading of the shared library,the address free code(PIC)is used to share the dynamic link,to improve the security of the shared library and to reduce the memory overhead.