Research On Security Protection Technology Based On Clang Complier In Linux System

The rapid development of science and technology has brought about earth-shaking changes in people's lives.The Internet has entered people's sights and has become an inseparable part of people's lives.Because of the Internet,we have realized information sharing,online-video phone,online shopping,Internet entertainment.At the same time,new technologies that have emerged on the Internet have spread to various traditional industries.Especially in recent years,with the popularization of 4G and the upcoming listing of 5G,the new industries represented by Internet finance,online new media,big data,cloud computing,and Internet of Things are quietly changing our lives.In this context,more and more people choose to join the Internet industry and change their lives through code.However,people's programming levels are uneven,they lack standard network operation specifications,which gives network hackers a chance.In recent years,many network security problems are coming,especially buffer overflow attack,have brought huge economic losses to enterprises and individuals.Therefore,how to develop efficient and secure protection technology,reduce the possibility of buffer overflow attacks and ensure the security of the Internet environment is the top priority of network security technicians.Based on the clang compiler platform in Linux system,this paper analyzes the protection technology of buffer overflow,and studies the security protection mechanism based on clang compiler in Linux system.The main work and research results of the thesis are as followed:(1)A brief introduction to the current status of network security,the security status and development of buffer over:flow attacks,the related background and development trends of buffer protection technology.(2)We study the causes of buffer overflow,classify and analyze the structure of memory space in Linux system and the structure of function frame stack.At the same time,the attack principle of buffer overflow and the basic idea of protection technology are also included.(3)Based on the clang compiler under Linux system,we proposed integer overflow protection and address-independent code technology,and analyze the implementation principle,binary features and limitations,which make us have a good understanding.(4)We build a test platform for the clang complier,verify the integrity of the integer overflow protection technology and code-independent technology,as well as program size and performance testing to prove the security,effectiveness and efficiency of the protection technology.(5)In the paper,we summarize the innovation of the paper from two aspects:technical security and resources utilization.At the same time,we also propose the improvement measures and the next research plan for the shortcomings and the limitation of our technology.