
Saturday, March 30, 2019

Buffer Overflow Attacks And Types Computer Science Essay

Buffer overflows are one of the main reasons for problems in a computer system. Statistics in this report have shown that the number of attacks in the past 20 years is increasing drastically, and buffer overflow is also rated the most frequently occurring attack. This paper provides the various prevention techniques for Buffer Overflow attacks, like Canaries, DEP and ASLR, and more, which have been deployed and are working well to a certain extent.

Introduction

It is the job of the compiler to check for errors or vulnerabilities in the code. In C, the compiler is not very efficient at detecting these logical errors. The simplest form of a buffer overflow attack would be as follows:

    char buf1[5];
    char buf2[10] = "A1B2C3D4E5";   /* ten characters, no room left for the terminating NUL */
    strcpy(buf1, buf2);             /* writes past the end of buf1 */

The above 3 lines of code are compiled without any error by the C compiler, as there are no syntactical errors. But logically we are copying a string of 10 chars into a buffer which can hold only 5 chars. This might be a small typing error on the programmer's side, but it results in an attack which can overwrite the data which might have been stored in the memory location next to the space allocated for buf1. This is Buffer Overflow. Its types are explained in the section below.

Buffer Overflow Attack Types

Buffer Overflow Attack, as defined by Kramer (2000), occurs when a program or a process tries to store more data into a buffer than it is actually intended to hold. The simplest example to explain this is the program above, but in layman's terms, let us assume 2 jugs, one with a capacity of 2 litres and another of 1 litre. If you try to empty the 2 litres of water into the jug which can hold only 1 litre, you spill 1 litre of water.
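The introduction's snippet set beside a copy that checks both buffers first, as an added example that is not part of the original essay; checked_copy and demo are hypothetical names. It refuses the copy instead of truncating, and it also rejects a source array that holds no terminating NUL, which is what a 10-byte array filled with ten characters is.

```c
#include <stddef.h>
#include <string.h>

/* Copy the string held in src (an array of src_size bytes) into dst
 * (an array of dst_size bytes). Returns 0 on success, -1 if the copy
 * is refused; dst is left untouched when the copy is refused. */
int checked_copy(char *dst, size_t dst_size,
                 const char *src, size_t src_size)
{
    /* Look for the terminator only inside src's own storage. */
    const char *nul = memchr(src, '\0', src_size);
    if (nul == NULL)
        return -1;              /* src is not a terminated string */

    size_t len = (size_t)(nul - src);
    if (len + 1 > dst_size)
        return -1;              /* string plus NUL does not fit in dst */

    memcpy(dst, src, len + 1);
    return 0;
}

/* The essay's buffers run through the checked copy.
 * Returns the number of copies that were refused. */
int demo(void)
{
    char buf1[5] = "";
    char buf2[10];
    char buf3[] = "A1B2C3D4E5";     /* 11 bytes, terminated */
    char ok[] = "A1B2";             /* 5 bytes, fits buf1 exactly */
    int refused = 0;

    memcpy(buf2, "A1B2C3D4E5", sizeof buf2);  /* ten chars, no NUL stored */

    /* strcpy(buf1, buf2) would write past buf1 and read past buf2. */
    if (checked_copy(buf1, sizeof buf1, buf2, sizeof buf2) != 0) refused++;
    if (checked_copy(buf1, sizeof buf1, buf3, sizeof buf3) != 0) refused++;
    if (checked_copy(buf1, sizeof buf1, ok, sizeof ok) != 0) refused++;
    return refused;                 /* buf1 now holds "A1B2" */
}
```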
This attack can have many consequences on a system, like incorrect results, a security breach or even a system crash.

Posey (2005) explains the different types of Buffer Overflow attacks. There are basically two kinds of buffer overflow attacks:

1. Heap-based attacks and
2. Stack-based attacks.

In a Heap-based attack the attacker floods the memory space which is actually reserved for the program. This attack is not as easy as it seems, hence attacks with respect to the heap are very rare.

In a Stack-based attack, the attacker takes advantage of the stack, a part of the memory reserved for the program to store data or reference pointers. The attacker then partially crashes the stack and forces the program execution to start from a return address of a malicious program, which is actually written by the attacker.

Statistics

Figure 1. Buffer Overflow Statistics

Statistics from the National Vulnerability Database (2011) show the occurrence of Buffer Overflow attacks. It ranges from 1989 to 2011. The graph is declining in the last 3-4 years, but experts say that there is a possibility that it may rise again.

Prevention Techniques

Some host based mechanisms to prevent Buffer Overflow Attacks are mentioned below.

Detection and Elimination: Kuperman (2005) says detection and elimination of the vulnerable code is necessary before someone takes advantage of that code. In this technique there are ways in which software searches for some specific type of code. This is known as Source Code Auditing. Vernon (2003) in his white paper has mentioned techniques and ways in which it is done. Kuperman has also mentioned a group, the OpenBSD Group, which audits the source code free of cost for a BSD based Operating System. The time taken for analysis is large and the expertise of the volunteers determines their efficiency.

Compiler Modifications: A technique to stop a buffer overflow attack is to modify the way the data is stored in the memory.
StackGuard is a type of compiler which can be used to add gaps in the memory in between; these gaps are known as Canaries. It works in the following way: whenever a function gets a return call, it reads the canary on the stack and checks for any modification. If it finds the canary is modified, it understands it is under attack (Kuperman, 2005). Another compiler, ProPolice, uses pointers to address memory locations. ProPolice is also an enhancement concept of StackGuard. Frantzen and Shuey (2001) in their article have mentioned StackGhost. StackGhost is a unique technique which was developed by Sun Microsystems. It detects the change in return pointers without actually affecting the program. Its effect on the throughput is also negligible. This made it much more difficult for attackers to do a buffer overflow.

Array Bounds Checking: Cowan et al. (2000) have explained that each time an operation needs to be performed on an array, we can do the bounds checking. If the boundary is reached it won't allow writing into the array, thus avoiding the buffer overflow. Similarly we can write code to check the size of each buffer when writing. If the destination buffer is bigger than the other which is to be copied, then it's OK; otherwise don't allow it. Although this technique might work, it is very costly to implement as it will delay the actual process.

Non-Executable Stack: Fritsch (2009) explains that marking the stack as Non-Executable can help stop Buffer Overflow. But this in turn also stops genuine programs from executing directly from the stack. Sanders (2009) had also mentioned the same technique. The article mentioned that Microsoft had included a security feature in its new service pack for Windows XP (it was Win XP SP2). This was known as DEP (Data Execution Prevention). DEP is of 2 types, Hardware and Software. In Hardware DEP some parts of the memory were marked as Non-Executable by the processor. But again this was a bit tricky, as not all processors supported Hardware DEP.
Software DEP, on the other hand, watches the exceptions thrown by the program and checks whether they actually belong to the program.

Address Space Layout Randomization: Wagle (2003) has mentioned that earlier the attacker used to insert a large number of nop instructions to work around the memory location. ASLR randomly allocates memory locations to the code and data, thus making it difficult for the attacker to find the instructions.

Proof Carrying Code (PCC): Necula (1997) says PCC is a technique which checks the properties of the program and the code, also checks its security policy, and determines whether it should be allowed to execute or not.

SmashGuard: Kuperman (2005) has explained that this technique uses a modification of the normal call and ret instructions. Whenever a call instruction is encountered, along with the actual entry of the return address on the stack, another entry is made on the data stack within the processor. Then when it encounters the ret instruction it matches both the return addresses. If they match it goes forward with the execution; if a match is not found it terminates the program. Also, no changes are made to the data. This is a technique which works well with Brute Force Attack.

Split Stack: Kuperman (2005) has explained that Split Stack or Secure Address Return Stack (SAS) is a proposed technique to prevent buffer overflow attacks. In this technique two software stacks are used, one for control information and another for data information. Hence even if an attacker gains access to the data stack, he cannot affect the control stack. Although it might need to read and write from 2 stacks, it is worth the time.

Write Correct Code: Cowan et al. (2000) write that the best way to avoid any kind of attack is to write good and correct code.
It is a human tendency to write and forget the code, but that same code can be checked by someone else as well.

The above mentioned prevention techniques are only a few of those which are available; there are many techniques available for prevention against Buffer Overflow Attacks and various other attacks.

Risks

Fritsch (2009) in another article has explained the way to bypass ASLR protection. He explains there exists a flaw in the random number generation for ASLR. He explains it is not very difficult to predict the randomisation address. Writing a program which will try and brute force the memory location till it finds the correct one breaks the ASLR protection. Symantec Architect Mr. Whitehouse (2007) had mentioned the problem of ASLR in Windows Vista.

Research by Mr. Bojinov (2011) shows pre-linking can help in implementing ASLR on Android phones. He has introduced retouching, which is similar in design to prelinking. Also crash stack analysis is introduced, which uses crash reports on the local device to prevent brute-force attacks.

Conclusion

This report covers what exactly buffer overflow attacks are and the defense mechanisms which can be built up to protect against them. Buffer Overflow attacks are on the top when discussing penetration issues or buffer-related vulnerability issues. Earlier it was only professionals amateurs who were trying buffer overflow attacks, but now the situation has changed: a small keyword search for "Buffer Overflow Attack Programs" returns results with detailed tutorials and descriptions of how to perform it. Also the National Vulnerability Database shows that Buffer Overflow attacks have reduced in the past 3 years, but no one knows when situations might change.
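The return-time checks described under Compiler Modifications (canaries) and SmashGuard (a second copy of the return address), simulated on a byte array; this is an added example, not code from the essay or from StackGuard or SmashGuard. The frame layout (buffer, then canary, then return address), the constants and the name simulate_call are assumptions made for the illustration.

```c
#include <stdint.h>
#include <string.h>

#define BUF_LEN     8
#define CANARY_OFF  BUF_LEN             /* canary sits right after the buffer */
#define RET_OFF     (CANARY_OFF + 8)    /* return address follows the canary */
#define FRAME_LEN   (RET_OFF + 8)

#define CANARY_TRIPPED 1   /* canary check (StackGuard idea) failed */
#define RET_MISMATCH   2   /* return address comparison (SmashGuard idea) failed */

/* Simulate one call whose body copies len bytes of input into an 8-byte
 * buffer without a bounds check, then run both checks at "return".
 * Returns a bitmask of the checks that fired (0 = clean return). */
int simulate_call(const unsigned char *input, size_t len)
{
    unsigned char frame[FRAME_LEN] = {0};
    /* Constructed values; a real canary is chosen at random at run time. */
    const uint64_t canary = 0x00000aff0d1c2b3aULL;
    const uint64_t ret    = 0x0000000000401136ULL;
    uint64_t shadow_ret, seen_canary, seen_ret;
    int result = 0;

    /* "call": build the frame and keep a second copy of the return
     * address where the copy below cannot reach it. */
    memcpy(frame + CANARY_OFF, &canary, sizeof canary);
    memcpy(frame + RET_OFF, &ret, sizeof ret);
    shadow_ret = ret;

    /* Function body: unchecked copy, clamped to the simulated frame so
     * the demonstration stays inside its own array. */
    if (len > FRAME_LEN)
        len = FRAME_LEN;
    memcpy(frame, input, len);

    /* "ret": read both values back and compare before returning. */
    memcpy(&seen_canary, frame + CANARY_OFF, sizeof seen_canary);
    memcpy(&seen_ret, frame + RET_OFF, sizeof seen_ret);
    if (seen_canary != canary)
        result |= CANARY_TRIPPED;
    if (seen_ret != shadow_ret)
        result |= RET_MISMATCH;
    return result;
}
```

A linear overflow reaches the canary before the return address, so inputs of 9 to 16 bytes trip only the canary check, while longer inputs trip both.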
