Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sabrina Wilkes-Morris CSCE 548 Student Presentation

Published byBlaze Horton Modified over 6 years ago

Similar presentations

Presentation on theme: "Sabrina Wilkes-Morris CSCE 548 Student Presentation"— Presentation transcript:

1 Sabrina Wilkes-Morris CSCE 548 Student Presentation
BUFFER OVERFLOW Sabrina Wilkes-Morris CSCE 548 Student Presentation

2 Technical Overview What is a Buffer Overflow
Technical Overview What is a Buffer Overflow? A buffer overflow occurs when data written to a buffer also corrupts data values in memory address adjacent to the destination buffer due to insufficient bounds checking. (1)

3 Well known Buffer Overflow Exploits
The Morris Worm Code Red Code Red II Remote Buffer overflow in sendmail SQL Slammer Nachi-A worm

4 The Morris Worm One of the first buffer overflow attacks which attracted widespread attention due to its spectacular success was Robert Morris's Internet Worm (2). Released in 1988 Exploited the buffer overflow Worm Infected thousands

5 Buffer Overflow Attack
1. Install the attack code 2. Copy the data into the buffer 3. The buffer overflows 4. Attack execution

6 Example (3) #include <stdio.h> Void DontDoThis(char* input) {
char buf [16]; printf(“%s\n”, buf); } Int main(int argc, char* argv[]) // So we’re not checking arguments //What do you expect from an app that uses strcpy? DontDoThis(argv[1]); Return 0;

7 Sample Buffer Overflow Attack (4)

8 Sample Buffer Overflow Attack (5)

9 Buffer Overflow Effects
Software or system crash Attacker gains access Worm installed

10 Prevention Techniques
Programming Language Use of safe libraries Disabling Stack Execution Compiler Techniques Loop Arrays Analysis Tools

11 Detection Methods - Analysis Tools
App Verifier Coverity Fortify Klocwork ProPolice No eXecute (NX)

12 Conclusion Buffer overflows will probably never be completely eradicated. Programmers and developers will have to continue to maximize their defenses. Most compiler and operating system defenses are still not enough to combat buffer overflows. Tools such as Coverity, Fortify and Klocwork can be run to analyze security defects in C/C++ code. Additional measures such as stack protection and nonexecutable stack and heap can improve the defense against Buffer overflows.

13 References 1. https://en.wikipedia.org/wiki/Buffer_overflow buffer.
2. Wilander, John, and Mariam Kamkar. "A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention." NDSS. Vol Howard, Michael, David LeBlanc, and John Viega. 24 deadly sins of software security: programming flaws and how to fix them. McGraw-Hill, Inc., 2009. 4 5.

14 Questions?

Download ppt "Sabrina Wilkes-Morris CSCE 548 Student Presentation"

Similar presentations

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)

Buffer Overflows Nick Feamster CS 6262 Spring 2009 (credit to Vitaly S. from UT for slides)
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.

Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Review: Software Security David Brumley Carnegie Mellon University.

Review: Software Security David Brumley Carnegie Mellon University.
Buffer Overflow Prevention ”\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e \x89\xe3\x50\x53\x50\x54\x53\xb0\x3b\x50\xcd\x80” Presented to CRAB April.

Buffer Overflow Prevention ”\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e \x89\xe3\x50\x53\x50\x54\x53\xb0\x3b\x50\xcd\x80” Presented to CRAB April.
K. Salah1 Buffer Overflow The crown jewel of attacks.

K. Salah1 Buffer Overflow The crown jewel of attacks.
Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.

Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.
Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.

Gabe Kanzelmeyer CS 450 4/14/10.  What is buffer overflow?  How memory is processed and the stack  The threat  Stack overrun attack  Dangers  Prevention.
Stack buffer overflow http://en.wikipedia.org/wiki/Stack_buffer_overflow.

Stack buffer overflow
Buffer Overflow By: John Quach and Napoleon N. Valdez.

Buffer Overflow By: John Quach and Napoleon N. Valdez.
Lecture 16 Buffer Overflow

Lecture 16 Buffer Overflow
Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.

Buffer Overflow Attacks. Memory plays a key part in many computer system functions. It’s a critical component to many internal operations. From mother.
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-

Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-
An anti-hacking guide.  Hackers are kindred of expert programmers who believe in freedom and spirit of mutual help. They are not malicious. They may.

An anti-hacking guide.  Hackers are kindred of expert programmers who believe in freedom and spirit of mutual help. They are not malicious. They may.
Buffer Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Defenses Author:

Buffer Overflow Defenses. ©2002, Jedidiah R. Crandall, Susan L. Gerhart, Jan G. Hogle. Buffer Overflow Defenses Author:
Chapter 6 Buffer Overflow. Buffer Overflow occurs when the program overwrites data outside the bounds of allocated memory It was one of the first exploited.

Chapter 6 Buffer Overflow. Buffer Overflow occurs when the program overwrites data outside the bounds of allocated memory It was one of the first exploited.
Exploiting Buffer Overflows on AIX/PowerPC HP-UX/PA-RISC Solaris/SPARC.

Exploiting Buffer Overflows on AIX/PowerPC HP-UX/PA-RISC Solaris/SPARC.
BLENDED ATTACKS EXPLOITS, VULNERABILITIES AND BUFFER-OVERFLOW TECHNIQUES IN COMPUTER VIRUSES By: Eric Chien and Peter Szor Presented by: Jesus Morales.

BLENDED ATTACKS EXPLOITS, VULNERABILITIES AND BUFFER-OVERFLOW TECHNIQUES IN COMPUTER VIRUSES By: Eric Chien and Peter Szor Presented by: Jesus Morales.
Detection and Prevention of Buffer Overflow Exploit Cai Jun Anti-Virus Section Manager R&D Department Beijing Rising Tech. Corp. LTD.

Detection and Prevention of Buffer Overflow Exploit Cai Jun Anti-Virus Section Manager R&D Department Beijing Rising Tech. Corp. LTD.

Similar presentations

Ads by Google