在眾多的攻擊手法中,Buffer overflow 造成的Code-Injection 攻擊是 一種很嚴重的攻擊方式。因為攻擊者可以任意執行惡意程式碼,可能會 造成memory leak、任意記憶體位置讀寫、最嚴重可以拿到主機控制權。 本篇論文設計了一套偵測Code-Injection 的方式,利用QEMU 和 Linux Kernel 配合,可以即時偵測並且找出在執行檔哪個地方發生 Code-Injection。;In many of attack methods, the Code-Injection attacks is a serious problem that makes attackers can execute malicious code arbitrarily. It may cause memory leak, arbitrarily memory read/write or even taking control on the host machine. We had designed a method to detect Code-Injection attacks. Using QEMU and Linux Kernel, we can not only detect read-time Code-Injection attacks but also locate functions of Code-Injection vulnerability.
