Presentation is loading. Please wait.

Presentation is loading. Please wait.

Classic Buffer OVERFLOW ATTACKS CSCE 548 Student Presentation Mouiad Al Wahah.

Published byLaurel Wilkerson Modified over 7 years ago

Similar presentations

Presentation on theme: "Classic Buffer OVERFLOW ATTACKS CSCE 548 Student Presentation Mouiad Al Wahah."— Presentation transcript:

1 Classic Buffer OVERFLOW ATTACKS CSCE 548 Student Presentation Mouiad Al Wahah

2 Introduction It was discovered in hacking circles. It occurs when the program tries to write more data than the buffer can hold. It has catastrophic impacts on the software security. It is a gate to get full control on the system.

3 Technical overview1 Buffer overflow attacks works by: Exploits bugs in input boundary checking Exploits flaws in error handling Assign more data to a buffer than it can handle Leads to unpredictable program behavior This behavior is the weapon of the attacker

4 Technical overview2 Common consequences on: Confidentiality: stealing secret data Integrity: corrupted data, loss of data Availability: DoS, crash of the running programs, etc..

5 Buffer overflow example 1 1 void func(char *str) 2 { 3 char buffer_1[10]; 4 strcpy(buffer_1,str); 5 } 6 int main () 7{ 8 char s[30]; 9 printf("input the data\n"); 10 gets(s); 11 func(s); 12 printf("The residue data goes here\n"); 13}

6 Buffer overflow example 2

7 Buffer overflow example 3 January 2001, Code Red hits MS IIS servers. September 1997, Buffer Overflow turns USS Yorktown into a dead ghost for more than 2.30 hours. 1988, Buffer overflow in Berkeley Unix finger daemon.

8 Detection buffer overflow vulnerabilities Manual code review. Automated Static Analysis. Automated Dynamic Analysis.

9 Defense Against Buffer Overflow1 Use safe languages like Java, Perl,..etc. Check all inputs (input ALWAYS is EVIL). Use safer functions that do BOUNDS CHECKING, strncpy instead of strcpy. Use automated tools to find out potential unsafe functions.

10 Questions & Answers Why there is Classic buffer overflow and just Buffer overflow? Why the problem is still there?

11 Conclusion Buffer overflow is the most exploited vulnerability. No certain way to completely eliminate this attack. The best method to tackle this attack is by following the best practices: Code review. Manual code analysis. Static code analysis tools Dynamic code analysis tools. etc..

12 References https://cwe.mitre.org/top25/index.html#CWE-120 24 Deadly Sins of Software Security http://archive.wired.com/software/coolapps/news/2005/11/69355?tw=wn_story_mailer Mark Shaneck, ”An Overview of Buffer Overflow Vulnerabilities and Internet Worms”, CSCI 8980, December 10, 2003.

Download ppt "Classic Buffer OVERFLOW ATTACKS CSCE 548 Student Presentation Mouiad Al Wahah."

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Causes Author: Jedidiah.

Buffer Overflow Causes. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Causes Author: Jedidiah.
Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.

Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.
K. Salah1 Buffer Overflow The crown jewel of attacks.

K. Salah1 Buffer Overflow The crown jewel of attacks.
Foundations of Network and Computer Security J J ohn Black Lecture #30 Nov 26 th 2007 CSCI 6268/TLEN 5831, Fall 2007.

Foundations of Network and Computer Security J J ohn Black Lecture #30 Nov 26 th 2007 CSCI 6268/TLEN 5831, Fall 2007.
Static code check – Klocwork

Static code check – Klocwork
Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.

Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
Teaching Buffer Overflow Ken Williams NC A&T State University.

Teaching Buffer Overflow Ken Williams NC A&T State University.
Teaching Buffer Overflow Ken Williams NC A&T State University.

Teaching Buffer Overflow Ken Williams NC A&T State University.
Testing Static Analysis Tools using Exploitable Buffer Overflows from Open Source Code Zitser, Lippmann & Leek Presented by: José Troche.

Testing Static Analysis Tools using Exploitable Buffer Overflows from Open Source Code Zitser, Lippmann & Leek Presented by: José Troche.
Lecture 16 Buffer Overflow

Lecture 16 Buffer Overflow
Statically Detecting Likely Buffer Overflow Vulnerabilities David Larochelle David Evans University of Virginia Department of Computer Science Supported.

Statically Detecting Likely Buffer Overflow Vulnerabilities David Larochelle David Evans University of Virginia Department of Computer Science Supported.
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-
Lecture 0 Appendix on Implementation Threats Material from Warren Page & Chpt 11, Information Security by Mark Stamp.

Lecture 0 Appendix on Implementation Threats Material from Warren Page & Chpt 11, Information Security by Mark Stamp.
C Programming - Lecture 6 This lecture we will learn: –Error checking in C –What is a ‘wrappered function’? –What is a clean interface? –How to earn your.

C Programming - Lecture 6 This lecture we will learn: –Error checking in C –What is a ‘wrappered function’? –What is a clean interface? –How to earn your.
Chapter 6 Buffer Overflow. Buffer Overflow occurs when the program overwrites data outside the bounds of allocated memory It was one of the first exploited.

Chapter 6 Buffer Overflow. Buffer Overflow occurs when the program overwrites data outside the bounds of allocated memory It was one of the first exploited.
BLENDED ATTACKS EXPLOITS, VULNERABILITIES AND BUFFER-OVERFLOW TECHNIQUES IN COMPUTER VIRUSES By: Eric Chien and Peter Szor Presented by: Jesus Morales.

BLENDED ATTACKS EXPLOITS, VULNERABILITIES AND BUFFER-OVERFLOW TECHNIQUES IN COMPUTER VIRUSES By: Eric Chien and Peter Szor Presented by: Jesus Morales.
Computer Science Detecting Memory Access Errors via Illegal Write Monitoring Ongoing Research by Emre Can Sezer.

Computer Science Detecting Memory Access Errors via Illegal Write Monitoring Ongoing Research by Emre Can Sezer.

Similar presentations

Ads by Google