BUFFER OVERFLOW
Sabrina Wilkes-Morris
CSCE 548 Student Presentation
Technical Overview
What is a Buffer Overflow?
A buffer overflow occurs when data written to a buffer also corrupts data values in memory addresses adjacent to the destination buffer, due to insufficient bounds checking. (1)
Well-known Buffer Overflow Exploits
- The Morris Worm
- Code Red
- Code Red II
- Remote buffer overflow in sendmail
- SQL Slammer
- Nachi-A worm
The Morris Worm
One of the first buffer overflow attacks which attracted widespread attention due to its spectacular success was Robert Morris's Internet Worm (2).
- Released in 1988
- Exploited the buffer overflow
- Worm infected thousands
Buffer Overflow Attack
1. Install the attack code
2. Copy the data into the buffer
3. The buffer overflows
4. Attack execution
Example (3)

    #include <stdio.h>
    #include <string.h>

    void DontDoThis(char* input)
    {
        char buf[16];
        // No bounds check: input longer than 15 characters overflows buf
        strcpy(buf, input);
        printf("%s\n", buf);
    }

    int main(int argc, char* argv[])
    {
        // So we're not checking arguments
        // What do you expect from an app that uses strcpy?
        DontDoThis(argv[1]);
        return 0;
    }
Sample Buffer Overflow Attack (4)
Sample Buffer Overflow Attack (5)
Buffer Overflow Effects
- Software or system crash
- Attacker gains access
- Worm installed
Prevention Techniques
- Programming Language
- Use of safe libraries
- Disabling Stack Execution
- Compiler Techniques
- Loop Arrays
- Analysis Tools
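A bounds-checked counterpart to the unchecked copy in the DontDoThis example, added here as an illustration and not taken from the presentation or its references. The names copy_bounded and DoThisInstead are hypothetical; the helper rejects input that does not fit in the 16-byte buffer (terminator included) and also handles the missing-argument case the original ignores.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

#define BUF_SIZE 16  /* same size as buf in DontDoThis */

/* Hypothetical helper: copy src into dst only if it fits, terminator
 * included. Returns 0 on success, -1 if an argument is NULL, dst has
 * no room at all, or src is too long. dst is untouched on failure. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t len = 0;

    if (dst == NULL || dst_size == 0 || src == NULL)
        return -1;
    /* Measure src, but never look past what dst could hold. */
    while (len < dst_size && src[len] != '\0')
        len++;
    if (len == dst_size)        /* no room left for the '\0' */
        return -1;
    memcpy(dst, src, len);
    dst[len] = '\0';
    return 0;
}

/* Hardened DontDoThis: reject over-long or missing input instead of
 * writing past buf. Returns 0 if printed, -1 if rejected. */
int DoThisInstead(const char *input)
{
    char buf[BUF_SIZE];

    if (copy_bounded(buf, sizeof buf, input) != 0) {
        fprintf(stderr, "input rejected: missing or longer than %d bytes\n",
                BUF_SIZE - 1);
        return -1;
    }
    printf("%s\n", buf);
    return 0;
}

int main(int argc, char *argv[])
{
    /* argv[1] is NULL when no argument is given; the helper rejects it. */
    return DoThisInstead(argc > 1 ? argv[1] : NULL) == 0 ? 0 : 1;
}
```

Rejecting over-long input, rather than silently truncating it, keeps the caller aware that the data did not fit.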
Detection Methods - Analysis Tools
- App Verifier
- Coverity
- Fortify
- Klocwork
- ProPolice
- No eXecute (NX)
Conclusion
- Buffer overflows will probably never be completely eradicated.
- Programmers and developers will have to continue to maximize their defenses.
- Most compiler and operating system defenses are still not enough to combat buffer overflows.
- Tools such as Coverity, Fortify and Klocwork can be run to analyze security defects in C/C++ code.
- Additional measures such as stack protection and nonexecutable stack and heap can improve the defense against buffer overflows.
References
1. https://en.wikipedia.org/wiki/Buffer_overflow
2. Wilander, John, and Mariam Kamkar. "A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention." NDSS. Vol. 3. 2003.
3. Howard, Michael, David LeBlanc, and John Viega. 24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them. McGraw-Hill, Inc., 2009.
4. http://www.pixbam.com/buffer-overflow/buffer-overflow-attack-diagram/46974
5. http://cis1.towson.edu/~cssecinj/modules/cs2/buffer-overflow-cs2-java/
Questions?