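Graduate student: Yu-An Shuin (孫宇安)
Thesis title: Detecting Buffer Overflow Problems in Program Source Code Using the Color Petri Net Method
Advisor: Y. C. Shiue (薛義誠)
Oral defense committee:
Degree: Master
Department: College of Management - Department of Information Management
Graduation academic year: 89
Language: Chinese
Number of pages: 72
Keywords (Chinese): buffer overflow, static analysis, software security
Keywords (foreign language): buffer overflow, buffer overrun, stack smash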
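  • Once software is connected to networks, its security becomes increasingly important in an insecure network environment. The security problems of software written in C, which has long been in use, are the most serious: because C does not check bounds automatically and many functions provided by the C standard library are unsafe, such software is immediately exposed to buffer overflow problems. This research seeks a solution to the buffer overflow problem: for existing C code, it provides a convenient method for checking whether potential buffer overflow problems are present.
    The main contributions of this research are a survey that organizes the defenses against buffer overflows, the current state of research and its difficulties, and the use of the Color Petri Net method, which has a formal theoretical basis, together with the Design/CPN tool to simulate string handling in source code. The main features of this research are that it can handle dynamic flow, reserves room for handling multiple pointers, identifies exactly where the problematic source code is located, and uses parameters and constraints that are not overly conservative. This research establishes an analysis process and a code analysis method for analyzing pointers, illustrates the use of the method with examples, and compares it with Wagner's method and the Rats tool, demonstrating that it is more accurate than the Rats tool and can indeed detect buffer overflow problems.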


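    Chapter 1 Introduction
      1-1 Research Motivation and Purpose
      1-2 Brief Description of the Buffer Overflow Problem
      1-3 Research Method
      1-4 Research Contributions
      1-5 Thesis Structure
    Chapter 2 Related Work
      2-1 Analysis of Buffer Overflow Principles
      2-2 Discussion of Defenses Against Buffer Overflow Problems
      2-3 Current State of Research on Static Code Analysis
        2.3.1 Filtering Dangerous Function Calls
        2.3.2 Constraint-Based
        2.3.3 Analyzing Program Flow
        2.3.4 Others
    Chapter 3 Detecting Buffer Overflow Problems Using the CPN Method
      3-1 Introduction to COLOR PETRI NET Principles
      3-2 Principles for Converting Code to CPN Graphs
      3-3 Three-Stage Code Conversion
        3.3.1 Node Conversion Rules
        3.3.2 Arc Parameter and Constraint Conversion Rules
        3.3.3 String and Pointer Handling Rules
    Chapter 4 Case Analysis
      4-1 Conversion of Sample Source Code
      4-2 WU-FTPD Source Code Conversion Case Study
      4-3 CFINGERD Source Code Conversion Case Study
    Chapter 5 Conclusion
      5-1 Contributions of This Thesis
      5-2 Features
      5-3 Limitations
        5.3.1 Limitations in Graph Conversion
        5.3.2 Limitations Related to CPN Properties
      5-4 Future Research
    References
    Appendix 1
      PART 1 COLOUR SETS
      PART 2 MULTI-SETS
      PART 3 MISCELLANEOUS
    Appendix 2
    Appendix 3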

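    Chinese references
    【劉其堅 民89】劉其堅. Design of a Polymorphic Vulnerability Database and Implementation of a Corresponding Exploit Program Generator. Master's thesis, Department of Information and Computer Engineering, Chung Yuan Christian University, ROC year 89.
    English references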
    【Arash+ 99】Arash Baratloo, Timothy Tsai and Navjot Singh. “Libsafe: Protecting Critical Elements of Stacks.” Bell Labs, Lucent Technologies, December 1999.
    http://www.avayalabs.com/project/libsafe/index.html
    【Austin+ 94】Todd M. Austin, Scott E. Breach and Gurindar S. Sohi. “Efficient Detection of All Pointer and Array Access Errors.” PLDI’94, ACM.
    【Baratloo 00】Arash Baratloo, Navjot Singh and Timothy Tsai. “Transparent Run-Time Defense Against Stack Smashing Attacks.” In Proceedings of the USENIX Annual Technical Conference, June 2000.
    【CERT/CC 01】http://www.cert.org/current/current_activity.html#scans
    【Compaq】Compaq. ccc C Compiler for linux, 1999 http://www.unix.digital.com/linux/compaq_c
    【Cowan+ 98】Crispin Cowan, Steve Beattie, Ryan Finnin Day, Calton Pu, Perry Wagle and Erik Walthinsen. “StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks.” In Proceedings of the 7th USENIX Security Symposium, January 1998.
    【Cowan+ 99】Crispin Cowan, Perry Wagle, Calton Pu, Steve Beattie, and Jonathan Walpole. “Buffer Overflows: attacks and defenses for the vulnerability of the decade.” In Proceedings of the DARPA Information Survivability Conference and Expo, 1999
    【Design/CPN 00】http://www.daimi.au.dk/designCPN/
    【Etoh+ 00】Hiroaki Etoh and Kunikazu Yoda. “Propolice: Protecting from stack-smashing attacks.” IBM Research Division, Tokyo Research Laboratory, June 19, 2000. http://www.trl.ibm.com/projects/security/ssp/
    【Ghosh+ 98】Anup K. Ghosh and Tom O'Connor. “Analyzing Programs for Vulnerability to Buffer Overrun Attacks.” Technical report, Reliable Software Technologies, January 1998.
    【Ghosh+ 98】Anup K. Ghosh, Tom O'Connor, and Gary McGraw. “An automated approach for identifying potential vulnerabilities in software.” In Proceedings of the 1998 IEEE Symposium on Security and Privacy, pages 104--114, Oakland, CA, May 3-6 1998.
    【Jensen 92】K. Jensen. “Coloured Petri Nets. Basic Concepts, Analysis Methods and Practical Use. Vol 1: Basic Concepts,” 1992. Monographs in Theoretical Computer Science, Springer-Verlag.
    【Jones+ 95】Richard Jones and Paul Kelly. “Bounds Checking for C.” July 1995. http://www-ala.doc.ic.ac.uk/~phjk/BoundsChecking.hteml
    【Kettlewell 98】Richard Kettlewell. “Protecting Against Some Buffer-Overrun Attacks.” August, 1998. http://www.greenend.org.uk/rjk/random-stack.html
    【LeFevre 92】William LeFevre. “Restricting network access to system daemons under SunOS.” In Proceedings of the Third USENIX UNIX Security Symposium, pages 93-103, 1992
    【Loginov+ 01】Alexey Loginov, Suan Hsi Yong, Susan Horwitz and Thomas Reps. “Debugging via run-time type checking.” In Proceedings of FASE 2001: Fundamental Approaches to Software Engineering, Genoa, Italy, April 2001.
    【McGraw 98】Gary McGraw. “Testing for Security During Development: Why we should scrap penetrate-and-patch.” IEEE Aerospace and Electronic Systems, April 1998.
    【Miller+ 95】Barton P. Miller, David Koski, Cjin Pheow Lee, Vivekananda Maganty, Ravi Murthy, Ajitkumar Natarajan and Jeff Steidl. “Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services.” Tech. Report CSTR-95-1268, U. Wisconsin, April 1995.
    【Newsham 00】Timothy Newsham. “Format String Attacks.” September 2000. http://www.securityfocus.com/data/library/FormatString.pdf
    【Overview 01】http://www.daimi.au.dk/designCPN/man/Misc/CpnML.All.pdf
    【Peterson 81】James L. Peterson. “Petri Net Theory and the Modeling of Systems.” Prentice-Hall, N.J., 1981
    【Pressman 97】Roger S. Pressman. “Software Engineering: A Practitioner’s Approach, Fourth Edition.” McGraw-Hill, 1997.
    【Rats 01】http://www.securesw.com/rats/
    【Rugina+ 00】R. Rugina and M. Rinard. “Symbolic Bounds Analysis of Pointers, Array Indices, and Accessed Memory Regions.” SIGPLAN Conference on Programming Language Design and Implementation. Vancouver B.C., Canada, June 2000.
    【Smith 97】Nathan P. Smith. “Stack Smashing vulnerabilities in the UNIX Operating System.” http://millcomm.com/nate/machines/security/stack-smashing/nate/buffer.ps 1997.
    【Solar】“Solar Designer”. Non-Executable User Stack. http://www.openwall.com/linux/
    【Vendicator 00】Vendicator. “Stack shield: A "stack smashing" technique protection tool for linux.” http://www.angelfire.com/sk/stackshield/
    【Viega+ 00】John Viega, J.T. Bloch, Tadayoshi Kohno, and Gary McGraw. “ITS4 : A Static Vulnerability Scanner for C and C++ Code.” In Proceedings of the 16th Annual Computer Security Applications Conference. New Orleans, Louisiana, December 2000.
    【Wagner+ 00】D. Wagner, J. Foster, E. Brewer, and A. Aiken. “A first step towards automated detection of buffer overrun vulnerabilities.” In Network and Distributed System Security Symposium, San Diego, CA, February 2000.
    【Wuftpd 99】http://www.wuftpd.org
