Research On Randomization Of Heap Memory Oriented Buffer Overflow Vulnerability

Posted on: 2020-12-03
Degree: Master
Type: Thesis
Country: China
Candidate: Z Y Jin
GTID: 2428330599459201
Subject: Mechanical engineering

Abstract/Summary:
With the rapid development of computer technology, more and more attention has been paid to the security of computer systems. Hackers often exploit computer vulnerabilities because software programs contain inherent flaws. Vulnerability attacks can cause application crashes and computer system downtime on the one hand, and large-scale property damage on the other. Buffer overflow is one of the most frequently exploited and extremely dangerous types of vulnerability. It brings more and more harm to computer security, which puts higher demands on computer security personnel. When a program is running, writing data to a buffer beyond the buffer's length causes a buffer overflow. An attacker can exploit a buffer overflow vulnerability to snoop on memory data, or hijack the program's control flow to attack a computer. In common script runtime environments, heap buffer overflow vulnerabilities are the most common and the easiest to exploit, which gives the attacker the opportunity to use a heap buffer overflow to launch an attack. The attacker can use security weaknesses in the heap allocator to snoop on memory data through de-fragmentation and other technical means and to change the direction of the program's control flow, thereby executing malicious read and write instructions or even destroying memory.

In this paper, the process of buffer overflow attack and defense is systematically researched and the nature of buffer overflows is comprehensively studied. By studying the mechanism of buffer overflow, the common repair methods are summarized. By studying vulnerability exploit programs, the overall process and the key steps of vulnerability exploitation are summarized. On the basis of a thorough study of the mechanism of overflow vulnerabilities, the heap overflow vulnerability, the most serious kind of buffer overflow, is selected as the research topic. The problems of the heap memory manager can be solved, including heap memory allocation being easy to predict and the possibility of getting the same memory address when requesting memory right after releasing it.

The ptmalloc2 algorithm, which is used by the glibc library on Linux systems, is studied in depth in this paper, and the security problems in the process of memory allocation and release are analyzed. A randomization strategy for heap memory is proposed. The core of the randomization strategy is to maintain a cache pool that includes three types of heap structure: small_bin, big_bin and top_chunk. In order to avoid buffer overflow and UAF, a randomization strategy is added to the process of memory allocation and release to increase the unpredictability of heap memory addresses. The algorithm aims to strike a balance between performance and security, and improves the security of computer systems at the expense of some efficiency. Finally, the new algorithm is evaluated for security and performance consumption. According to the experimental results, existing heap overflow vulnerabilities can be effectively defended against when the randomization parameter = 12, and the extra time and space consumption are respectively controlled above 10.2% and 14%. Compared with other algorithms, the new algorithm has obvious advantages in security.
Keywords/Search Tags:Buffer overflow, Static analysis, Heap overflow vulnerability, Heap memory randomization, Randomization parameter
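
The address-reuse problem named in the abstract, and the effect of randomizing which freed chunk is handed out next, shown as an added example; it is not the thesis's algorithm or code. It assumes a fixed pool of 16 equal-sized chunks (a constructed size, unrelated to the thesis's randomization parameter), uses hypothetical names throughout, and its LIFO policy models the way ptmalloc2 fast bins return the most recently freed chunk first.

```c
#include <stdint.h>
#include <stdio.h>
#define NSLOTS 16      /* constructed pool size, not the thesis's parameter */
#define SLOT_SIZE 64
enum policy { REUSE_LIFO, REUSE_RANDOM };
static unsigned char arena[NSLOTS][SLOT_SIZE];
static int free_idx[NSLOTS], nfree;   /* stack of free slot numbers */
static uint32_t rng_state;
/* xorshift32 keeps the demo repeatable; a real allocator needs an unpredictable seed. */
static uint32_t rng_next(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}
static void pool_reset(uint32_t seed) {
    for (int i = 0; i < NSLOTS; i++) free_idx[i] = i;
    nfree = NSLOTS;
    rng_state = seed ? seed : 1;      /* xorshift state must be non-zero */
}
static void *pool_alloc(enum policy p) {
    if (nfree == 0) return NULL;
    int pick = nfree - 1;             /* LIFO: the most recently freed slot */
    if (p == REUSE_RANDOM) pick = (int)(rng_next() % (uint32_t)nfree);
    int slot = free_idx[pick];
    free_idx[pick] = free_idx[--nfree];   /* fill the hole with the top entry */
    return arena[slot];
}
static void pool_free(void *ptr) {
    if (ptr == NULL || nfree == NSLOTS) return;   /* ignore NULL and over-free */
    free_idx[nfree++] = (int)(((unsigned char *)ptr - &arena[0][0]) / SLOT_SIZE);
}
/* How often does free(a) followed by an allocation return a's address? */
int count_immediate_reuse(enum policy p, int trials, uint32_t seed) {
    int same = 0;
    pool_reset(seed);
    for (int t = 0; t < trials; t++) {
        void *a = pool_alloc(p);
        pool_free(a);
        void *b = pool_alloc(p);
        same += (a == b);
        pool_free(b);
    }
    return same;
}
int main(void) {
    printf("LIFO:   %d/1000 reused\n", count_immediate_reuse(REUSE_LIFO, 1000, 2463534242u));
    printf("random: %d/1000 reused\n", count_immediate_reuse(REUSE_RANDOM, 1000, 2463534242u));
    return 0;
}
```

With LIFO reuse every freed address comes straight back, which is what makes a dangling pointer's target predictable; with a random pick from 16 free chunks the chance drops to about one in sixteen per allocation.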