- 【Updated on May 12, 2025】 Integration of CiNii Dissertations and CiNii Books into CiNii Research
- Trial version of CiNii Research Knowledge Graph Search feature is available on CiNii Labs
- Suspension and deletion of data provided by Nikkei BP
- Regarding the recording of “Research Data” and “Evidence Data”
A Detection Method of Return Address Overwriting Attacks Based on Instruction Extension Using QEMU
Bibliographic Information
- Other Title
-
- QEMUを用いた命令拡張によるリターンアドレス書換え攻撃検知手法
Search this article
Description
Cyber-attacks are major threat. Commonly, these attacks attempt to exploit software vulnerabilities. In particular, attackers have exploited buffer overflow vulnerabilities for a long time. Many protection techniques were proposed to protect from buffer overflow attacks, but these techniques cannot prevent attacks completely. In this paper, we present a return address overwriting detection system. Our system disallows to attackers to exploit buffer overflow vulnerabilities. Our system works on CPU which has an extended feature and additional instructions. We implemented it to the hardware emulator QEMU. Furthermore, we confirmed the system with test programs on a prototype OS.
Journal
-
- IPSJ SIG Notes
-
IPSJ SIG Notes 2015 (33), 1-8, 2015-02-26
Information Processing Society of Japan (IPSJ)
- Tweet
Keywords
Details 詳細情報について
-
- CRID
- 1573668927620889600
-
- NII Article ID
- 110009884225
-
- NII Book ID
- AN10116224
-
- Text Lang
- ja
-
- Article Type
- journal article
-
- Data Source
-
- CiNii Articles
- KAKEN