Zachary Bol Eastern Kentucky University

Slides:



Advertisements
Similar presentations
Critical Reading Strategies: Overview of Research Process
Advertisements

Lectures on File Management
Case Tools Trisha Cummings. Our Definition of CASE  CASE is the use of computer-based support in the software development process.  A CASE tool is a.
July 11 th, 2005 Software Engineering with Reusable Components RiSE’s Seminars Sametinger’s book :: Chapters 16, 17 and 18 Fred Durão.
Technical Writing II Acknowledgement: –This lecture notes are based on many on-line documents. –I would like to thank these authors who make the documents.
GE 121 – Engineering Design Engineering Design GE121 Reporting the Outcome Lecture 7A.
CHAPTER TEN AUTHORING.
ALL CAPS TITLE Presenter’s Firstname Lastname Affiliation (such as EKU, Dept. of Technology, CEN/CET)
Introduction to Interactive Media Interactive Media Tools: Authoring Applications.
ALL CAPS TITLE Presenter Name Affiliation (University)
ALL CAPS TITLE Group Name Presenter Names Affiliation Information.
DESIGNING AN ARTICLE Effective Writing 3. Objectives Raising awareness of the format, requirements and features of scientific articles Sharing information.
ALL CAPS TITLE Source Author Name(s) & Affiliation (University/Lab/Company) Presented by: Your Group Name & Member Names.
Oman College of Management and Technology Course – MM Topic 7 Production and Distribution of Multimedia Titles CS/MIS Department.
Class will start at the top of the hour! Please turn the volume up on your computer speakers to access the audio feature of this seminar. WELCOME TO CE101.
Project Report Format for Final Year Engineering Students.
1 Team Skill 3 Defining the System Part 1: Use Case Modeling Noureddine Abbadeni Al-Ain University of Science and Technology College of Engineering and.
Engineering Quality Software Week02 J.N.Kotuba1 SYST Engineering Quality Software.
Advanced Higher Computing Science
Information System Applications
Human Computer Interaction Lecture 21 User Support
Shellcode COSC 480 Presentation Alison Buben.
CMGT 410 aid Education Begins/cmgt410aid.com
MagneLock David Hinely Dept. of Applied Engineering & Technology
Data Virtualization Tutorial… SSL with CIS Web Data Sources
Algorithms and Problem Solving
Jordan Terry Eastern Kentucky University
Use Cases Discuss the what and how of use cases: Basics Benefits
Chapter 5 – Requirements Engineering
CSCI-235 Micro-Computer Applications
PLANNING AND DESIGNING A RESEARCH STUDY
Research Methods Dr. X.
Chapter 2: System Structures
Reports Chapter 17 © Pearson 2012.
ALL CAPS TITLE Source Author Name(s) & Affiliation (University/Lab/Company) Presented by: Your Group Name & Member Names For the final capstone presentation.
Introduction to New Product Development (Portfolio)
Introduction to Operating System (OS)
Knut Kröger & Reiner Creutzburg
Lippincott Procedures Training Tour for HealthStream Users
Full Name Affiliation (Dept./University) Contact
Design, prototyping and construction
The Rolling Pi-Duino Ira Scott Callahan EKU
Your Inquiry Project
Research Presentation
Student writing and learning
Chapter 11 Design, prototyping and construction 1.
Introduction to Computer Programming
The Starting Point: Asking Questions
Research Seminar Session 7 Presenting a Research proposal By: Dr
Capstone Design B. Ramamurthy CSE651C, B. Ramamurthy June 16, 2017.
Game Loop Update & Draw.
BUSINESS COMMUNICATION SKILLS PRESENTATION SKILLS OF THESIS & PROJECT
Chapter Four Engineering Communication
Algorithms and Problem Solving
Topic 5: Communication and the Internet
Design Brief.
Chapter Four Engineering Communication
ONLINE SECURE DATA SERVICE
Chapter Four Engineering Communication
Using the 7 Step Lesson Plan to Enhance Student Learning
Engineering Quality Software
Name Affiliation Contact
TC 310 The Computer in Technical Communication
Name Affiliation Contact
Inspiration/Kidspiration
Put the Lesson Title Here
An overview of course assessment
Design, prototyping and construction
Research Presentation
Presentation transcript:

Zachary Bol Eastern Kentucky University Zachary_Bol@mymail.eku.edu The Sinking Ship! Zachary Bol Eastern Kentucky University Zachary_Bol@mymail.eku.edu Name of presenter(s) at mid-term; and single presenter for the final presentation Affiliation – e.g. Network Security & Electronics Program or Dept. of Applied Engineering & Technology, Eastern Kentucky University Contact – email or other way for contacting you regarding the work in the future Background of slides may be changed for the mid-term or the final presentation.

OUTLINE Overview of the presentation System Functionality Learning how computer programs interact with computer hardware and exploiting those actions for personal gain System Functionality Preventing intended computer code from Executing Using a method to bypass unwanted parts of a computer program(e.g. Authentication) Overview of the work 3-5 points noting the key functionality provided by the system, its intended audience, hinting on the convenience/applicability (“awesomeness”) of the work, a way to start telling your project’s story … drawing the audience into the presentation This presentation provides the necessary background knowledge, the key design and prototyping steps needed for understanding the video If basing your presentation and video on an article refer to the abstract or the conclusion section for identifying the big ideas and the main contributions of the work. If the work is based on a video/multimedia resource try to identify the different logical sections it contains, and note its main contributions.

MOTIVATION The Buffer Overflow is the result of the program failing to verify storage of a user’s input This exploit should be addressed because a computer processor can be hijacked by a malicious user Highlight the issue which requires the specialized solution you have developed Show and Tell – do both! Multiple slides may be used for motivating different aspects of the problem that is being solved through this technology or device Change this graphic and add graphics related to your project on different slides – if in doubt add more rather than less illustrations. (If possible use “public domain” images which do not require citations.

INTRODUCTION The Buffer Overflow is manipulating data that is stored in memory known as the stack. The key work that has been done for this topic is not only the discovery of the exploit but also gaining the ability to control a computer processor for future projects Essential theories needed for solving the problem Diagnosis of where the code lacks memory buffer verification The replacement of bad code with functions that incorporate bounds checking Technical areas your project covers Key work that has been done by other practitioners/researchers in this area Multiple slides may be used with ideas drawn from different sources New content is often based on the work that has come before – document the primary sources you used and how these influence the design or development of your project. For the mid-term presentation try to identify at least one multimedia resource, one presentation/instructable, and one conference/journal paper that is closely related to this topic. These 3 types of sources and be then referred to while developing your how-to instructional video along with the mid-term PowerPoint presentation. For the final presentation refer to the key sources you identified as part of the Annotated Bibliography (Progress Report 2)

PROBLEM STATEMENT The Buffer Overflow is when a computer program fails to do “Bounds Checking.” Bounds Checking is the computer program verifying the buffer’s content that stores data from input fields. The Buffer Overflow fills the buffer with more data than originally allocated by the programmer Specific problem Include constraints/limits Provide a suitable graphic illustrating the problem – this could be an abstraction of the system with key areas identified. Later on in the presentation, as part of the solution process for this problem, provide additional details about these key areas. Your individual capstone project is intended to solve a specific problem under a given set of conditions – identify these conditions clearly. Relaxing the conditions under which the system can operate will make it more easily adaptable for general use and broader adoption worldwide.

Sub-Problem(s) A sub-problem that was needed to be solved along the way is understanding how much data is needed to be inputted by a user to execute a Buffer Overflow. In order to use this exploit, there is a required knowledge of the basics of the Assembly language. The Assembly language is human readable abbreviations of the logic sequencing of a computer processor

Sub-Problem Additional Content The Assembly language tracks the movement of data that is stored in memory for the processor to execute In this instance, the exploit requires a precise amount of user inputted data. This precise amount of data will allow the extra data to overwrite the intended section of code The example for this project is overflowing the section of code that is responsible for password authentication

A brief look at assembly And shell code (www.Lexsi.com,2010)

Included constraints/limits The Buffer Overflow has the ability to operate in various cases The major constraint is an in-depth understanding of the programming language that is used in the application This project required some research into what functions do not implement “Bounds Checking.”

Included constraints/limits Additional information The discovering of computer programs that are vulnerable to the Buffer Overflow can be highly time consuming Modern computer programs heavily rely on imported material from other libraries within the same programming language These libraries are often extensive which means that analysis of individual weak functions may be inefficient use of time Finally, modern computers have been implemented “Stack” protections which makes tracking down a program’s data difficult by changing the method of how data is stored in memory

Assumptions The implicit assumptions is that modern computer systems are going to be more capable to handle larger than expected data inputs by a user List the operating conditions, system constraints Any implicit or explicit assumptions

PROPOSED SOLUTION The proposed solution is implementing a technique that is known as ASLR(Address Space Layout Randomization) ASLR works by randomizing the memory addressing that is associated with program data such as variables When the memory addresses are randomized the process of hijacking a computer program becomes a difficult process Provide block diagram of the solution showing the key sections List steps taken to solve the problem – use flowcharts and visuals liberally. A flowchart can be very helpful in showing the logic behind your design. Use at least a multi-phase (minimum 2-phase) approach to key sections of your design, with critical functionality implemented first, and other features added in later. Multiple slides should be used for discussing the design. As part of the individual capstone provide a timeline of implementation

PROPOSED SOLUTION 2 The next solution is to implement canary words into program code The term comes from the canary birds that were placed in coal mines. The bird would alert the workers to noxious and deadly gases. The animal was more sensitive to these gases and let the coal miners know when to leave. According to the CEH Ethical hacker book by Matt Walker canary words are: “Known values placed between the buffer and control data. If a buffer overflow occurs, the canary will be altered first, triggering a halt to the system.”

RESULTS(Phases) Phase 1- The first important task was defining the users, what their account numbers were and finally associating those values with one another Phase 2- The next major phase included key results of a user object that will give the logged on user an identity in the program Phase 3 – This third phase’s key result was the creation of a successful user authentication Phase 4 – This is the final phase which yielded the ability to transfer funds from different user accounts List key results from each phase of the prototyping process Use at least a 2-phase approach to prototyping – annotated photos and diagrams Note how results were evaluated and then used to improve subsequent versions of your system – more photos Emphasize safety in design development For the individual capstone provide a visual timeline showing accomplishment of key milestones identified as part of the design

Final Code Results(1)

Final Code Results(2)

Buffer Overflow Visual Overview Launch video at suitable point in presentation. Embed video link – You may simply modify the existing multimedia object above, by right-clicking it, then select the “Property Sheet” in the pop-up menu. Next replace the “Movie” property to the link of your video without any special characters if it is available publicly (such YouTube, etc.). The video link for “Five Minute University” is http://www.youtube.com/v/kO8x8eoU3L4 Alternatively, you may also insert the video from you local computer system. You may choose to have a screen shot of the video on this slide and choose to play the video using third party software. This option would be suitable if your video is not publicly available The video should at a minimum address the following five areas: What is this instruction video about – catchy title relevant to the activity Why is this important (to me, to the audience, to the broader community) Prep including parts, tools, equipment needed along with proper safety precautions for users and components How-to: The actual step-by-step procedure, include captions or voice-over highlighting the different steps needed Wrap-up summarize what was done, its importance, reiterate key safety features, any disclaimers Include a credits slide at the end acknowledging graphics, music, or multimedia used. Cite sources using APA. **NOTE:THIS IS A FLOW DIAGRAM FOR THE EXPLOITATION PROCESS

CAPstone Video Presentation

CONCLUSIONS Achieving and understanding a buffer overflow is significant because a computer user can use this exploit to gain access to unintended parts of computer software Comment on significance of results - their applicability in the home or workplace Each group member should comment on how the jointly designed and developed presentation with integrated video relates to their individual project (at least one slide per group member) Provide an interpretation of the results, compare with other products/systems, note on how this device serves or extends the original plans For the final capstone presentation this slide will change to: Comments regarding how your thinking about tackling large technical projects has changed over the course of the semester. You may discuss any misconceptions or assumptions you had prior to starting the capstone, along with effective strategies that are working well for you.

Conclusions-Project Scale This project comes from a very basic concept of the buffer overflow To note on this project: Modern operating systems have stack protections Techniques like ASLR are turned on regularly making a Buffer Overflow much more difficult Modern computers can better handle when the buffer is slightly overflowed Modern compliers(Visual basic) will often report errors when the software detects weak functions or unintended execution of computer software

Conclusions-”When reality strikes back!” The concept of the Buffer Overflow can be applied to a much larger context Take for example the infamous “Heart Bleed Scenario” : This is a vulnerability in Open SSL It can be considered a “Buffer Underflow” Uses Heartbeat Command: This test if a connection is alive The Heart Beat command asks and expects the same amount of data to be returned However, if more data is asked to be returned by the host than the server is expecting. Then the server will give all the data that is located in its buffer space. The server will continue to send data until the request is filled. The result is the malicious host gaining access to private encrypted data.

Heart Bleed Visual (Scott, T,2014)

FUTURE WORK A positive implication to this project is creating user awareness to patch software as much as possible A negative implication is that this knowledge gives a user the skills and tools to get in a lot of legal trouble This project can be expanded by introducing the concepts of creating your own exploits using shell code Discuss implications Comment on ideas you are currently exploring for expanding the functionality of the project User reverse-brainstorming techniques for suggesting ways to enlarge or to focus its score to a specific user population or other setting Note ideas on commercialization of the project or how this may be improved to complete with existing products Plan for 3-5 audience questions ahead of time. If the specific questions are not asked by the audience you may bring up these points for discussion.

Future Work-A brief look at assembly And shellcode (www.Lexsi.com,2010)

Assembly and Shell code graphic overview The previous slide represented the assembly language, which is human readable version of how a processor executes data from memory(Figure 3) Figure 4 is a representation of Shell code, which is used to program a processor and can be used to mislead the direction of data execution

Thank you for your Attendance! What do think about the Buffer Overflow? What are the fundamentals to computer science? What software do you wish you could bypass? (Skinwalker,2012)

REFERENCES Carvalho, M. (2013, November 19). Hacker Course Buffer Overflow - A Practical Example (with Exploit) [Video file]. Retrieved from https://www.youtube.com/watch?v=aEZKGW_VTd4 Geere, D. (2008, December 8). "Pirates of the Amazon" gets sunk by Amazon. Retrieved from http://www.techdigest.tv/2008/12/pirates_of_the_3.html Rouse, M., & Shea, S. (2014, June). address space layout randomization (ASLR). Retrieved from http://searchsecurity.techtarget.com/definition/address-space- layout-randomization-ASLR Scott, T. (2014, April 8). From Missingno to Heartbleed: Buffer Exploits and Buffer Overflows. Retrieved from https://www.youtube.com/watch?v=rE5dW3BTpn4 Skinwalker. (2012, January 5). Just for Fun. Retrieved from https://skinwalker.wordpress.com/category/fun-stuff/page/2/ Walker, M., & Walker, A. (2011). Web-Based Hacking: Servers and Applications. In CEH Certified Ethical Hacker [Kindle 4.21 version] (2nd ed., p. 190). Retrieved from http://www.amazon.com/Certified-Ethical-Hacker- All Guideebook/dp/B006BXREDQ/ref=tmm_kin_swatch_0?_encoding=U TF8&qid=&sr= www.Lexsi.com. (2010, May 10). [Shellcode in assembly]. Retrieved from https://www.lexsi.com/securityhub/ingenious-shellcode-in-a-pdf- document/?lang=en APA citation of the key sources Provide citation for all images, sounds, multimedia used For the final capstone, note key sources your project references (Progress Report 2: Annotated Bibliography) in APA format Provide an APA reference to your project itself being hosted through the department of Applied Engineering & Technology (AE&T) website -- http://people.eku.edu/chandrav/NET/Capstone_2016/capstoneProjects_2016.html

ACKNOWLEDGEMENTS I would like to acknowledge Dr. Eugene Styer of Eastern Kentucky University Computer Science Department for providing: Redefined context for the code Teaching Programming Concepts Revising Code drafts Revising and teaching of foundation computer science concepts needed for the success of this project In final capstone presentation you may thank those who helped make this complex capstone project a manageable endeavor.