Buffer Overflow Causes Quiz. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Quiz: Buffer Overflow Causes Author:


Quiz: Buffer Overflow Causes
Author: Jedidiah R. Crandall
This document was funded by the National Science Foundation Federal Cyber Service Scholarship For Service Program: Grant No
Distributed July 2002
Embry-Riddle Aeronautical University, Prescott, Arizona, USA
3 questions. Answers follow the “About” page.

Which of these are a security problem?
A. Stack smashing
B. Heap-based attacks
C. Data corruption
D. Program crashes
E. Core dumps

Which of these statements is true?
A. It’s always the size of the input and not the input itself that causes a buffer overflow
B. Many buffer overflows are caused by blatantly careless programmer errors
C. Even very careful and very skilled programmers can produce software with buffer overflows
D. All of the subroutines included in the Standard C Library will do bounds checking for you

Which of these statements is true about a 50 byte buffer in C?
A. It will hold 50 ASCII characters (other than the NULL at the end)
B. It will hold 100 UNICODE characters
C. The last ASCII character (other than NULL) is indexed with the number 98
D. The last ASCII character (other than NULL) is indexed with the number 99
E. The last ASCII character (other than NULL) is indexed with the number 100

About this Project
1. This presentation is part of a larger package of materials on buffer overflow vulnerabilities, defenses, and software practices. For more information, go to:
2. Also available are:
   – Demonstrations of how buffer overflows occur (Java applets)
   – PowerPoint lecture-style presentations on an introduction to buffer overflows, preventing buffer overflows (for C programmers), and a case study of Code Red
   – Checklists and Points to Remember for C Programmers
   – An interactive module and quiz set with alternative paths for journalists/analysts and IT managers as well as programmers and testers
   – A scavenger hunt on implications of the buffer overflow vulnerability
3. Please complete a feedback form at to tell us how you used this material and to offer suggestions for improvements.

Answers
1. A,B,C,D,E
2. B,C
3. C