Lecture 13 Page 1 CS 236 Online Major Problem Areas for Secure Programming Certain areas of programming have proven to be particularly prone to problems.

Presentation transcript:

Lecture 13 Page 1 CS 236 Online
Major Problem Areas for Secure Programming
Certain areas of programming have proven to be particularly prone to problems
What are they?
How do you avoid falling into these traps?

Lecture 13 Page 2 CS 236 Online
Example Problem Areas
Buffer overflows and other input verification issues
Error handling
Access control issues
Race conditions
Use of randomness
Proper use of cryptography
Trust
Variable synchronization
Variable initialization
There are others...

Lecture 13 Page 3 CS 236 Online
Buffer Overflows
The poster child of insecure programming
One of the most commonly exploited types of programming error
Technical details of how they occur discussed earlier
Key problem is language does not check bounds of variables

Lecture 13 Page 4 CS 236 Online
Preventing Buffer Overflows
Use a language with bounds checking
  – Most modern languages other than C and C++ (and assembler)
  – Not always a choice
  – Or the right choice
  – Not always entirely free of overflows
Check bounds carefully yourself
Avoid constructs that often cause trouble

Lecture 13 Page 5 CS 236 Online
Problematic Constructs for Buffer Overflows
Most frequently C system calls:
  – gets(), strcpy(), strcat(), sprintf(), scanf(), sscanf(), fscanf(), vfscanf(), vsprintf(), vscanf(), vsscanf(), streadd(), strecpy()
  – There are others that are also risky

Lecture 13 Page 6 CS 236 Online
Why Are These Calls Risky?
They copy data into a buffer
Without checking if the length of the data copied is greater than the buffer
Allowing overflow of that buffer
Assumes attacker can put his own data into the buffer
  – Not always true
  – But why take the risk?

Lecture 13 Page 7 CS 236 Online
What Do You Do Instead?
Many of the calls have variants that specify how much data is copied
  – If used properly, won’t allow the buffer to overflow
Those without the variants allow precision specifiers
  – Which limit the amount of data handled
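
The two alternatives on this slide, as an added example that is not from the lecture: `copy_bounded` uses a length-taking variant (`snprintf`) and treats truncation as an error, and `parse_login` puts a width in the format string because `sscanf` has no length argument. The function names, buffer sizes and sample input lines are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Length-taking variant: snprintf() never writes more than dstsize bytes
 * and returns the length it needed, so n >= dstsize means truncation.
 * Returns 0 on a complete copy, -1 on truncation or error. */
int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    int n;

    if (dstsize == 0)
        return -1;
    n = snprintf(dst, dstsize, "%s", src);
    return (n < 0 || (size_t)n >= dstsize) ? -1 : 0;
}

/* No length argument exists for sscanf(), so the format carries the limit:
 * "%15s" stores at most 15 characters plus the terminator in user[16].
 * Returns 0 only if both a name and a number were parsed. */
int parse_login(const char *line, char user[16], int *uid)
{
    return sscanf(line, "%15s %d", user, uid) == 2 ? 0 : -1;
}

int main(void)
{
    char small[8], user[16];
    int uid = -1;

    /* Constructed inputs: one that fits, one that does not. */
    printf("fits: %d\n", copy_bounded(small, sizeof small, "short"));
    printf("too long: %d, kept \"%s\"\n",
           copy_bounded(small, sizeof small, "much too long"), small);
    printf("login ok: %d\n", parse_login("alice 1000", user, &uid));
    printf("overlong name: %d\n",
           parse_login("aaaaaaaaaaaaaaaaaaaaaaaa 7", user, &uid));
    return 0;
}
```

An overlong name is cut at 15 characters, the following `%d` then fails to match, and the line is rejected instead of overrunning `user`.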

Lecture 13 Page 8 CS 236 Online
Is That All I Have To Do?
No
These are automated buffer overflows
You can easily write your own
Must carefully check the amount of data you copy if you do
And beware of integer overflow problems

Lecture 13 Page 9 CS 236 Online
An Example
Actual bug in OpenSSH server:

    u_int nresp;
    ...
    nresp = packet_get_int();
    if (nresp > 0) {
        response = xmalloc(nresp * sizeof(char *));
        for (i = 0; i < nresp; i++)
            response[i] = packet_get_string(NULL);
    }
    packet_check_eom();

Lecture 13 Page 10 CS 236 Online
Why Is This a Problem?
nresp is provided by the user
  – nresp = packet_get_int();
But we allocate a buffer of nresp entries, right?
  – response = xmalloc(nresp * sizeof(char *));
So how can that buffer overflow?
Due to integer overflow

Lecture 13 Page 11 CS 236 Online
How Does That Work?
The argument to xmalloc() is an unsigned int
Its maximum value is
  – 4,294,967,295
sizeof(char *) is 4
What if the user sets nresp to 0x ?
Multiplication is modulo
  – So 4 * 0x is 0x80

Lecture 13 Page 12 CS 236 Online
What Is the Result?
There are 128 entries in response[]
And the loop iterates hundreds of millions of times
  – Copying data into the “proper place” in the buffer each time
A massive buffer overflow
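
The wrap-around behind this bug and a checked allocation that refuses it, as an added example that is not from the lecture or from OpenSSH. The input 0x40000020 is a constructed value chosen so that the 32-bit product equals the 0x80 given on the slide; `MAX_RESPONSES` and the function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_RESPONSES 100u /* assumed protocol limit, not from the slides */

/* The slide's computation on a platform with 32-bit unsigned int:
 * the product is reduced modulo 2^32 before xmalloc() ever sees it. */
uint32_t wrapped_alloc_size(uint32_t nresp, uint32_t elem_size)
{
    return (uint32_t)((uint64_t)nresp * elem_size);
}

/* Checked multiply: 0 and *out set if count * elem_size fits in 32 bits,
 * -1 if the product would wrap. */
int checked_alloc_size(uint32_t count, uint32_t elem_size, uint32_t *out)
{
    if (elem_size != 0 && count > UINT32_MAX / elem_size)
        return -1;
    *out = count * elem_size;
    return 0;
}

/* Hardened allocation: bound the attacker-supplied count first, then
 * verify the byte size, and only then allocate. NULL means "reject". */
char **alloc_responses(uint32_t nresp)
{
    uint32_t bytes;

    if (nresp == 0 || nresp > MAX_RESPONSES)
        return NULL;
    if (checked_alloc_size(nresp, (uint32_t)sizeof(char *), &bytes) != 0)
        return NULL;
    return malloc(bytes);
}

int main(void)
{
    uint32_t nresp = 0x40000020u; /* constructed input, see lead-in */
    char **ok;

    printf("wrapped size: 0x%x bytes for %u entries\n",
           (unsigned)wrapped_alloc_size(nresp, 4), (unsigned)nresp);
    printf("hardened path: %s\n",
           alloc_responses(nresp) ? "allocated" : "rejected");
    ok = alloc_responses(8);
    printf("8 entries: %s\n", ok ? "allocated" : "rejected");
    free(ok);
    return 0;
}
```

The range check on the count is what stops the loop from running past the allocation; the checked multiply covers the case where a limit is large enough for the byte size to wrap.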

Lecture 13 Page 13 CS 236 Online
Other Programming Tools for Buffer Overflow Prevention
Software scanning tools that look for buffer overflows
  – Of varying sophistication
Use a C compiler that includes bounds checking
  – Typically offered as an option
Use integrity-checking programs
  – Stackguard, Rational’s Purify, etc.

Lecture 13 Page 14 CS 236 Online
Canary Values
One method of detecting buffer overflows
Akin to the “canary in the mine”
Place random value at end of data structure
If value is not there later, buffer overflow might have occurred
Implemented in language or OS

Lecture 13 Page 15 CS 236 Online
Data Execution Prevention (DEP)
Buffer overflows typically write executable code somewhere
DEP prevents this
  – Page is either writable or executable
So if overflow can write somewhere, can’t execute the code
Present in Windows, Mac OS, etc.
Doesn’t help against some advanced techniques

Lecture 13 Page 16 CS 236 Online
Randomizing Address Space (ASLR)
Address Space Layout Randomization
Randomly move around where things are stored
  – Base address, libraries, heaps, stack
Making it hard for attacker to write working overflow code
Used in Windows, Linux, MacOS
Not always used, not totally effective
  – Several recent Windows problems from programs not using ASLR