摘要:A buffer is a region of physical memory storage that holds a specific amount of data and when that capacity is reached, the data will overflow. A buffer overflow is a condition where in the data transferred to a buffer exceeds the storage capacity. Buffer overflow is susceptible to attacks therefore, creates a necessity for intrusion detection systems. This paper combines code pointer integrity with buffer overflow visualization to address overflows attacks. During monitoring and detection stage, users are requested to introduce some data at a time and when an overflow is detected, the system will process and display appropriate buffer status. Colors are used to represent the different level of operations. A model to analyze the buffer behavior of the random process is derived. The effectiveness of our technique is confirmed through a visualization experiment. Result shows that transmission process is suspended when buffer overflows thus facilitate intrusion analysis.
关键词:Buffer-overflow; visualization; model and integrity check
