TY - JOUR
T1 - Mechanism analysis and prevention of overflow-type web page malicious code
AU - Li, Zhi Yong
AU - Tao, Ran
AU - Wang, Yue
AU - Zhang, Hao
PY - 2010/6
Y1 - 2010/6
N2 - The overflow-type web page malicious codes can activate malicious codes by using the overflow vulnerability of the programmes in the users' host computers, which will harm the Internet users greatly. In order to study their mechanisms, this paper analyzes the typical overflow script and track their operation changes in RAM, finds out the specific details and conditions required for activating overflow-type web page malicious codes, analyzes their general design principle, and obtains their general design method of triggering a vulnerability in the operating system software. Finally, some suggestions to prevent the overflow-type web page malicious codes are presented.
AB - The overflow-type web page malicious codes can activate malicious codes by using the overflow vulnerability of the programmes in the users' host computers, which will harm the Internet users greatly. In order to study their mechanisms, this paper analyzes the typical overflow script and track their operation changes in RAM, finds out the specific details and conditions required for activating overflow-type web page malicious codes, analyzes their general design principle, and obtains their general design method of triggering a vulnerability in the operating system software. Finally, some suggestions to prevent the overflow-type web page malicious codes are presented.
KW - Computer science and technology
KW - Overflow vulnerability
KW - Overflow-type web page malicious code
KW - Web page malicious code
UR - http://www.scopus.com/inward/record.url?scp=77955777520&partnerID=8YFLogxK
M3 - Article
AN - SCOPUS:77955777520
SN - 1000-1093
VL - 31
SP - 832
EP - 836
JO - Binggong Xuebao/Acta Armamentarii
JF - Binggong Xuebao/Acta Armamentarii
IS - 6
ER -