Cybernetics and programming
Reference:

The study of the disassembled representation of executable files generated by different compilers. Example of buffer overflow vulnerability.
Revnivykh Aleksandr Vladimirovich

PhD in Technical Science

Associate Professor, Department of Information Security, Novosibirsk State University of Economics and Management 

630099, Russia, Novosibirskaya oblast', g. Novosibirsk, ul. Kamenskaya, 56

al.revnivykh@mail.ru
Velizhanin Anatolii Sergeevich

Specialist, Tyumen Industrial University

625000, Russia, Tyumenskaya oblast', g. Tyumen', ul. Volodarskogo, 38

anatoliy.velizhanin@gmail.com

Abstract.

The subject of the study is a potential buffer overflow vulnerability in various software related to the strcpy function of the standard C/C++ library, together with approaches and methods for finding such vulnerabilities. The object of the study is the machine code produced by compilers when a program is built in various modes. The purpose of the study is to analyze some features of the machine code generated by various compilers for Windows and Linux in Debug and Release modes and, on that basis, to review the buffer overflow vulnerability. Research methods: the paper reviews and develops methods for constructing algorithms that search for buffer overflow vulnerabilities and examines the characteristics of this vulnerability at the machine-code level. This is done using the Visual C++, Intel C++ and g++ compilers, as well as the WinDBG and GDB debuggers. Key findings: building a program in different modes produces differences in the executable code generated from exactly the same high-level source code, and these differences manifest themselves as differences in program behavior. When examining software for vulnerabilities, it is important to analyze computer code in order to identify hidden patterns. The novelty of the study lies in identifying differences in the machine code obtained after building the same high-level code and in identifying compiler stamps left when the program is built in different modes. A special contribution of the author to the study of the topic is the development of methods for constructing algorithms for searching for buffer overflow vulnerabilities.

Keywords: Debug mode, Compiler stamps, Buffer overflow, Disassembling, Code analysis, Vulnerabilities, Information security, Release mode, Algorithm construction methods, WinDBG debugger

DOI: 10.25136/2306-4196.2019.1.28238

Article was received: 06-12-2018

Review date: 06-12-2018

Publish date: 13-12-2018


This article is written in Russian. The full text of the article is available in Russian here.
