Computer Security:
Principles and Practice
Fourth Edition
By: William Stallings and Lawrie Brown
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Guidelines and tips
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community
Ask the community for help and clear up your study doubts
University Rankings
Discover the best universities in your country according to Docsity users
Free resources
Our save-the-student-ebooks!
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Computer Systems Security, Schemes and Mind Maps of Computer Security
Computer Systems Security It contains everything
Typology: Schemes and Mind Maps
2022/2023
1 / 39
This page cannot be seen from the preview
Don't miss anything!
Related documents
Partial preview of the text
Download Computer Systems Security and more Schemes and Mind Maps Computer Security in PDF only on Docsity!
Computer Security:
Principles and Practice
Fourth Edition
By: William Stallings and Lawrie Brown
Chapter 10
Buffer Overflow
Buffer Overflow
- A very common attack mechanism
- First widely used by the Morris Worm in 1988
- Prevention techniques known
- Still of major concern
- Legacy of buggy code in widely deployed operating systems and applications
- Continued careless programming practices by programmers
Buffer Overflow A buffer overflow, also known as a buffer overrun, is defined in the NIST Glossary of Key Information Security Terms as follows: “A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or to insert specially crafted code that allows them to gain control of the system.”
Programming Language History
- At the machine level data manipulated by machine instructions executed by the computer processor are stored in either the processor’s registers or in memory
- Assembly language programmer is responsible for the correct interpretation of any saved data value Modern high-level languages have a strong notion of type and valid operations - (^) Not vulnerable to buffer overflows - (^) Does incur overhead, some limits on use C and related languages have high- level control structures, but allow direct access to memory • (^) Hence are vulnerable to buffer overflow
- (^) Have a large legacy of widely used, unsafe, and hence vulnerable
Stack Buffer Overflows
- Occur when buffer is located on stack
- Also referred to as^ stack smashing
- Used by Morris Worm
- Exploits included an unchecked buffer overflow
- Are still being widely exploited
- Stack frame
- When one function calls another it needs somewhere to save the return address
- Also needs locations to save the parameters to be passed in to the called function and to possibly save register values
Figure 10. Another Stack Overflow Example
Table 10. Some Common Unsafe C Standard Library Routines
Figure
Example UNIX Shellcode
Table 10. Some Common x86 Assembly Language Instructions