中图分类号：TP391文献标识码：ADOI:10.19358/j.issn.2097-1788.2025.03.001
引用格式：王俊卿，邬江，黄永洪，等. 基于操作系统行为测量的栈溢出检测方法［J］.网络安全与数据治理，2025，44（3）：1-7.

Stack overflow detection method based on operating system behavior measurement

Abstract： This paper analyzes the causes of stack overflow and existing detection technologies, and proposes a stack overflow detection method based on operating system behavior measurement. Based on the theoretical foundation of operating system behavior measurement, the formal definition of operating system behavior is presented. Utilize virtual machine introspection technology to monitor memory access in real-time during program execution, enabling transparent out-of-band detection of stack buffer overflow behavior. Experimental results show that this method can effectively identify buffer overflows and has a low false positive rate. This research outcome provides a new perspective and solution for improving system security.

Key words : stack overflow;virtual machine introspection;detection method