Protecting against Buffer Overflow Attacks - PowerPoint PPT Presentation

1 / 11
About This Presentation
Title:

Protecting against Buffer Overflow Attacks

Description:

collection of items stored in contiguous memory locations ... canary. 11. Background. Attack mechanism. Protection mechanisms. Summary ... – PowerPoint PPT presentation

Number of Views:41
Avg rating:3.0/5.0
Slides: 12
Provided by: thoma423
Category:

less

Transcript and Presenter's Notes

Title: Protecting against Buffer Overflow Attacks


1
Protecting against Buffer Overflow Attacks
  • Greta Yorsh

Tel Aviv University
Workshop on Security
2
Protecting against Buffer Overflow Attacks
  • Background and motivation
  • Attack mechanism
  • Protection Mechanism

3
Objectives
  • Recognize programs with possible BOF
  • Implement BOF attack
  • Write programs without BOF
  • Understand existing protection mechanism
  • Evaluate new protection mechanisms

4
Background
  • What is security ?
  • What damage is caused by the attack ?
  • send email to all neighbors
  • restart computer
  • erase all files
  • denial of service
  • run spy programs learn passwords, read
    confidential data
  • How attack works ?

5
Terminology
  • Buffer (array)
  • collection of items stored in contiguous memory
    locations
  • Overflow cause by placing more data in the
    buffer than it can contain
  • Types of BOF attacks
  • stack
  • heap
  • Programmers mistake

6
Motivation
  • 60 of security flaws caused by buffer overflow
    attacks

7
Example
stack
code
1684 1260 1120 1100 876 874 872 772 0
  • char baz
  • void foo() char BUF100 strcpy(BUF,
    baz) printf("s\n", BUF)
  • int main() baz getenv("HOME") foo() exit(
    0)

globals
baz
(1200)
return address (1640)
heap
8
Example
stack
code
1684 1260 1120 1100 876 874 872 772 0
  • char baz
  • void foo() char BUF100 strcpy(BUF,
    baz) printf("s\n", BUF)
  • int main() baz getenv("HOME") foo() exit(
    0)

globals
baz
(1200)
heap
9
Example
stack
code
1684 1260 1120 1100 876 874 872 772 0
  • void foo(char bar) char BUF100 strcpy(BUF,
    bar) printf("s\n", BUF)
  • int main() char baz baz
    getenv("HOME") foo() exit(0)

globals
\0 774 f a
101 100 99 0
baz
(1200)
774
f b a
99 1 0
BUF
heap
10
Protection Mechanism
stack
code
1684 1260 1120 1100 876 874 872 772 0
  • non-executable stacks
  • array-bounded check added by the compiler
  • StackGuard
  • StackShield

globals
\0 744 f a
101 100 99 0
baz (1200)
return address (1640)
canary
1640
heap
11
Summary
  • Correct programs can not be attacked by BOF
  • Protection mechanism exists
  • Protection mechanisms can be attacked
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Protecting against Buffer Overflow Attacks" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!