Buffer Overflow Vulnerabilities. Prudhviraj Karumanchi, Vijay Venugopalan, Vijaya Raghavan. CPSC 620 Presentation, 12/3/2009.

1 BUFFER OVERFLOW VULNERABILITIES
Prudhviraj Karumanchi, Vijay Venugopalan, Vijaya Raghavan
CPSC 620 Presentation, 12/3/2009

2 CONTENTS
Motivation
Basic structure of process memory
Buffer Overflow
Canary Method
Static Analysis: ARCHER, BOON, SPLINT, Polyspace C Verifier, UNO
Conclusion

3 MOTIVATION
Buffer overflows account for about 50% of the vulnerabilities reported by CERT.
According to National Vulnerability Database (NVD) CVE statistics, 563 buffer overruns were detected in 2008, and 431 buffer overruns out of 4,634 vulnerabilities were detected in 2009 through September.
Educate "future" software programmers.

4 BUFFER?
Buffer: A temporary space in memory used to hold data.
Buffer Overflow: Happens when the data written into the buffer is larger than the buffer, which in turn overwrites adjacent memory locations.

5 SAMPLE BUFFER OVERFLOW FUNCTION

    #include <stdio.h>

    void GetInput(void) {
        char buffer[8];
        gets(buffer);   /* Dangerous function: no limit on input length */
        puts(buffer);
    }

6 VIRTUAL ADDRESS SPACE: A LOOK AT THE STACK
[Figure: stack layout, with the local variables labelled]

7 OVERWRITING THE "RETURN ADDRESS"

    #include <stdio.h>

    void notToExecute(void) {
        printf("This is not to be run\n");
    }

    void GetInput(void) {
        char buffer[8];
        gets(buffer);   /* unbounded read into an 8-byte buffer */
        puts(buffer);
    }

    int main(void) {
        GetInput();
        return 0;
    }

9 CANARY METHOD TO DETECT BUFFER OVERFLOWS
Stack canaries are used to detect a stack buffer overflow before execution of malicious code can occur. This method works by placing a small integer, the value of which is randomly chosen at program start, in memory just before the stack return pointer. Most buffer overflows overwrite memory from lower to higher memory addresses, so in order to overwrite the return pointer (and thus take control of the process) the canary value must also be overwritten.
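The check described on this slide, as an added example that is not part of the original presentation: a simulated stack frame in which an unbounded copy has to cross the canary before it reaches the saved return pointer. The names struct frame, canary_init and copy_then_check are hypothetical, and the frame is a plain struct rather than a real call stack.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

/* Simulated stack frame (constructed): addresses grow from buffer (low)
   toward the saved return pointer (high), as on the slide. */
struct frame {
    char      buffer[8];
    uintptr_t canary;     /* guard word just before the return pointer */
    uintptr_t saved_ret;  /* stand-in for the saved return address */
};

static uintptr_t g_canary;

/* Pick the canary once at program start. rand() keeps the demo portable;
   it is not a secure source of randomness. */
void canary_init(void) {
    srand((unsigned)time(NULL));
    g_canary = ((uintptr_t)rand() << 16) ^ (uintptr_t)rand();
}

/* Copy len bytes to the start of the frame with no check against
   sizeof buffer (what gets() does), then verify the canary before the
   function would return. Returns 0 if intact, -1 if an overflow is detected. */
int copy_then_check(const char *input, size_t len) {
    struct frame f;
    memset(&f, 0, sizeof f);
    f.canary = g_canary;
    f.saved_ret = 0x1000;                 /* constructed value */
    if (len > sizeof f) len = sizeof f;   /* stay inside the simulated frame */
    memcpy(&f, input, len);               /* low-to-high overwrite */
    if (f.canary != g_canary) return -1;  /* a real runtime aborts here */
    return 0;
}

int main(void) {
    char big[sizeof(struct frame)];
    memset(big, 'A', sizeof big);         /* constructed oversized input */
    canary_init();
    printf("7-byte input:  %d\n", copy_then_check("1234567", 8));
    printf("%zu-byte input: %d\n", sizeof big, copy_then_check(big, sizeof big));
    return 0;
}
```

Input that fits in the 8-byte buffer leaves the canary intact; input long enough to reach saved_ret changes the canary first, so the check fails before the overwritten return value would be used.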

10 STATIC ANALYSIS OF TOOLS
Tool: Analysis
ARCHER: Symbolic, interprocedural, flow-sensitive analysis.
BOON: Integer ranges, interprocedural flow-insensitive analysis for string functions.
Polyspace C Verifier: Abstract interpretation, interprocedural, flow-sensitive.
SPLINT: Lightweight static analysis, intraprocedural.
UNO: Model checking, interprocedural, flow-sensitive.

11 DETECTION AND FALSE ALARM RATES
System: Detection, False Alarm
PolySpace: 0.87, 0.5
SPLINT: 0.57, 0.43
BOON: 0.05
ARCHER: 0.01, 0
UNO: 0, 0

12 CONCLUSION
No software can be 100% bug free.
Buffer overflows can be reduced by enforcing better programming practices from the very early stages of software engineering. Some of these are:
Use of wrappers
Training software programmers with "good" programming practices
Use of memn*() functions instead of str*() functions
calloc() instead of malloc()
Proper free()ing of memory, etc.
