期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2016
卷号:10
期号:11
页码:267
出版社:SERSC
摘要:Memory corruption vulnerability is an oldest typeof vulnerabilitiesin software vulnerabilities. Attackers typically use a technique called virtual function table hijacking to exploit memory corruption vulnerability.In this paper, we propose a defense method which extractingvirtual function tables and virtual function call related location information from the binary program. Then instrumenting identifieron vtables or backuping the vtables’pointers to detect vtables’integrity. Finally, the defense methodis verified by Firefox, Chrome, IE browsers. Experiments show that the methodcan fully and effectively defend the real-world virtual function table hijacking attack with the small performance overhead and good compatibility
关键词:S;oftware security; ;Memory corruption vulnerability; ;V;irtual function table ;hijacking attack;.
