Mechanism analysis and prevention of overflow-type web page malicious code

Zhi Yong Li; Ran Tao; Yue Wang; Hao Zhang

Mechanism analysis and prevention of overflow-type web page malicious code

Zhi Yong Li^*, Ran Tao, Yue Wang, Hao Zhang

^*Corresponding author for this work

Beijing Institute of Technology

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

The overflow-type web page malicious codes can activate malicious codes by using the overflow vulnerability of the programmes in the users' host computers, which will harm the Internet users greatly. In order to study their mechanisms, this paper analyzes the typical overflow script and track their operation changes in RAM, finds out the specific details and conditions required for activating overflow-type web page malicious codes, analyzes their general design principle, and obtains their general design method of triggering a vulnerability in the operating system software. Finally, some suggestions to prevent the overflow-type web page malicious codes are presented.

Original language	English
Pages (from-to)	832-836
Number of pages	5
Journal	Binggong Xuebao/Acta Armamentarii
Volume	31
Issue number	6
Publication status	Published - Jun 2010

Keywords

Computer science and technology
Overflow vulnerability
Overflow-type web page malicious code
Web page malicious code

Cite this

@article{0c22f8c4c51f481580dab88b9899d42e,

title = "Mechanism analysis and prevention of overflow-type web page malicious code",

abstract = "The overflow-type web page malicious codes can activate malicious codes by using the overflow vulnerability of the programmes in the users' host computers, which will harm the Internet users greatly. In order to study their mechanisms, this paper analyzes the typical overflow script and track their operation changes in RAM, finds out the specific details and conditions required for activating overflow-type web page malicious codes, analyzes their general design principle, and obtains their general design method of triggering a vulnerability in the operating system software. Finally, some suggestions to prevent the overflow-type web page malicious codes are presented.",

keywords = "Computer science and technology, Overflow vulnerability, Overflow-type web page malicious code, Web page malicious code",

author = "Li, {Zhi Yong} and Ran Tao and Yue Wang and Hao Zhang",

year = "2010",

month = jun,

language = "English",

volume = "31",

pages = "832--836",

journal = "Binggong Xuebao/Acta Armamentarii",

issn = "1000-1093",

publisher = "China Ordnance Society",

number = "6",

}

TY - JOUR

T1 - Mechanism analysis and prevention of overflow-type web page malicious code

AU - Li, Zhi Yong

AU - Tao, Ran

AU - Wang, Yue

AU - Zhang, Hao

PY - 2010/6

Y1 - 2010/6

N2 - The overflow-type web page malicious codes can activate malicious codes by using the overflow vulnerability of the programmes in the users' host computers, which will harm the Internet users greatly. In order to study their mechanisms, this paper analyzes the typical overflow script and track their operation changes in RAM, finds out the specific details and conditions required for activating overflow-type web page malicious codes, analyzes their general design principle, and obtains their general design method of triggering a vulnerability in the operating system software. Finally, some suggestions to prevent the overflow-type web page malicious codes are presented.

AB - The overflow-type web page malicious codes can activate malicious codes by using the overflow vulnerability of the programmes in the users' host computers, which will harm the Internet users greatly. In order to study their mechanisms, this paper analyzes the typical overflow script and track their operation changes in RAM, finds out the specific details and conditions required for activating overflow-type web page malicious codes, analyzes their general design principle, and obtains their general design method of triggering a vulnerability in the operating system software. Finally, some suggestions to prevent the overflow-type web page malicious codes are presented.

KW - Computer science and technology

KW - Overflow vulnerability

KW - Overflow-type web page malicious code

KW - Web page malicious code

UR - http://www.scopus.com/inward/record.url?scp=77955777520&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:77955777520

SN - 1000-1093

VL - 31

SP - 832

EP - 836

JO - Binggong Xuebao/Acta Armamentarii

JF - Binggong Xuebao/Acta Armamentarii

IS - 6

ER -

Mechanism analysis and prevention of overflow-type web page malicious code

Abstract

Keywords

Other files and links

Fingerprint

Cite this