Classic Buffer OVERFLOW ATTACKS CSCE 548 Student Presentation Mouiad Al Wahah.


Introduction
- It was discovered in hacking circles.
- It occurs when the program tries to write more data than the buffer can hold.
- It has catastrophic impacts on software security.
- It is a gateway to gaining full control of the system.

Technical overview 1
Buffer overflow attacks work by:
- Exploiting bugs in input boundary checking
- Exploiting flaws in error handling
- Assigning more data to a buffer than it can handle
- This leads to unpredictable program behavior
- This behavior is the weapon of the attacker

Technical overview 2
Common consequences for:
- Confidentiality: stealing secret data
- Integrity: corrupted data, loss of data
- Availability: DoS, crash of the running programs, etc.

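Buffer overflow example 1

    #include <stdio.h>
    #include <string.h>

    void func(char *str)
    {
        char buffer_1[10];
        strcpy(buffer_1, str);   /* no bounds check: overflows buffer_1 when str is longer than 9 characters */
    }

    int main()
    {
        char s[30];
        printf("input the data\n");
        gets(s);                 /* no length limit: input longer than 29 characters overflows s */
        func(s);
        printf("The residue data goes here\n");
        return 0;
    }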

Buffer overflow example 2

Buffer overflow example 3
- January 2001: Code Red hits MS IIS servers.
- September 1997: a buffer overflow turns USS Yorktown into a dead ghost for more than 2.30 hours.
- 1988: buffer overflow in the Berkeley Unix finger daemon.

Detecting buffer overflow vulnerabilities
- Manual code review.
- Automated static analysis.
- Automated dynamic analysis.

Defense Against Buffer Overflow 1
- Use safe languages like Java, Perl, etc.
- Check all inputs (input is ALWAYS EVIL).
- Use safer functions that do BOUNDS CHECKING, such as strncpy instead of strcpy.
- Use automated tools to find potentially unsafe functions.
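
The program from example 1 with these defenses applied, as an added example that is not part of the original presentation. The names func_bounded, read_line and BUF_LEN are assumptions made for illustration. It shows the detail the strncpy advice leaves out: strncpy does not write a terminator when the source fills the buffer, so the caller has to add one and should report the truncation.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 10   /* same size as buffer_1 in the slide's example */

/* Hardened func(): strncpy bounds the write, but it does NOT add a
 * terminator when the source fills the buffer, so one is added here.
 * Returns 0 if str fit, 1 if it was truncated, -1 on bad arguments. */
int func_bounded(char *out, size_t out_len, const char *str)
{
    if (out == NULL || str == NULL || out_len == 0)
        return -1;
    strncpy(out, str, out_len - 1);
    out[out_len - 1] = '\0';
    return strlen(str) >= out_len ? 1 : 0;
}

/* Replacement for gets(): fgets never stores more than len bytes.
 * Returns 0 for a line that fit, 1 if excess input was discarded,
 * -1 on EOF, read error or bad arguments. */
int read_line(FILE *in, char *buf, size_t len)
{
    if (in == NULL || buf == NULL || len < 2 || fgets(buf, (int)len, in) == NULL)
        return -1;
    size_t n = strcspn(buf, "\n");
    if (buf[n] == '\n') {
        buf[n] = '\0';          /* strip the newline fgets keeps */
        return 0;
    }
    int c, dropped = 0;         /* drain the rest of an over-long line */
    while ((c = getc(in)) != EOF && c != '\n')
        dropped = 1;
    return dropped;
}

int main(void)
{
    char s[30];
    char buffer_1[BUF_LEN];

    printf("input the data\n");
    if (read_line(stdin, s, sizeof s) < 0)
        return 1;
    int rc = func_bounded(buffer_1, sizeof buffer_1, s);
    printf("stored \"%s\"%s\n", buffer_1, rc == 1 ? " (truncated)" : "");
    return 0;
}
```

Whether to truncate or reject over-long input is a design decision; the return codes let the caller choose.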

Questions & Answers
- Why is there "classic buffer overflow" and just "buffer overflow"?
- Why is the problem still there?

Conclusion
- Buffer overflow is the most exploited vulnerability.
- There is no certain way to completely eliminate this attack.
- The best method to tackle this attack is to follow the best practices:
  - Code review.
  - Manual code analysis.
  - Static code analysis tools.
  - Dynamic code analysis tools.
  - etc.
