The security protection of the software system of the man-machine intergrated information systems consisting of computer hardware and software, network and communication equipment, information resources, users and regula-tions, etc.is studied.Considering that security vulnerabilities are easily used to attack software, a study of buffer overflow vulnerability prevention is conducted.The basic methods using buff overflow to attack software and the typ-ical methods for buffer overflow prevention are investigated, the trends of the studies on buffer overflow prevention' s static prevention and dynamic prevention at home and abroad are surveyed and the risk level analysis of security vulnerabilities is performed, and finally, the technical thinking about the buffer overflow vulnerability prevention of software systems is given.%研究了由计算机软硬件、网络和通讯设备、信息资源、信息用户和规章制度组成的人机一体化信息系统的软件系统的安全防护.针对安全漏洞易被用于进行软件攻击的现实情况,进行了软件系统缓冲区溢出漏洞防范研究.研究了利用缓冲区溢出进行攻击的基本方法以及缓冲区溢出防护的经典方法,对国内外缓冲区溢出漏洞的静态防范和动态防范研究的态势进行了观察,对软件系统安全漏洞风险层次进行了分析,最后给出了有关软件系统缓冲区溢出防护研究的技术思考.
展开▼
