| 发明名称 |
REAL TIME BUFFER OVERFLOW HACKING DETECTING METHOD |
| 摘要 |
PURPOSE: A real time buffer overflow hacking detecting method is provided to detect and prevent a buffer overflow hacking attempt to a system by analyzing a system call generation position on a real time basis and detecting an unknown hacking form. CONSTITUTION: It is judged whether a system call paging has occurred(S401). If the system call paging has occurred, a system call generation address is extracted(S402). The extracted address is compared to a normal process memory region(S403). It is judged whether the system call paging has occurred in a stack region of a memory(S404). If the system call paging has occurred in the stack region of the memory, the system call paging is compared with a system call list(S405), to judge whether it is on the system call list(S406). If the system call paging has not occurred in the stack region of the memory, the system call is normally processed(S407). If the system call is on the system call list, a corresponding process is stopped and an alarm is provided to a system manager(S408).
|
| 申请公布号 |
KR20030046581(A) |
申请公布日期 |
2003.06.18 |
| 申请号 |
KR20010076442 |
申请日期 |
2001.12.05 |
| 申请人 |
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE |
发明人 |
CHOI, YANG SEO;PARK, CHI HANG;SEO, DONG IL;SON, SEUNG WON |
| 分类号 |
H04L12/22;(IPC1-7):H04L12/22 |
主分类号 |
H04L12/22 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
