Software Security
How attackers can use buffer overflows to carry out threats
Memory access violations
Unexpected transfer of control
Corruption of program data
Execution of code chosen by attacker
Outline stack and heap overflows
Parameter: information passed from A to B
Return Address: place where execution continues after B completes
Stack frame created when Function A calls Function B
Stack pointer: place where execution continues should B fail
Vulnerabilities and countermeasures in handling program input
Incorrect handling is a very common failing
Must identify all data sources
Input is any source of data from outside the program whose value is not explicitly known by the programmer when the code was written.
Explicitly validate assumptions on size and type of values before use.
Importance of writing safe program code
Valid manipulation of data
Correct use of memory
Correct machine instructions for algorithm
Correct algorithm implementation
Vulnerabilities in handling program output can be addressed
Important from a program security perspective that the output conform to the expected form and interpretation.
Programs must identify what is permissible output content and filter any possibly untrusted data to ensure that only valid output is displayed
Final component is program output
Character set should be specified
The basic mechanism of buffer overflows
Programming error when a process attempts to store data beyond the limits of a fixed-sized buffer.
Overwrites adjacent memory locations
Buffer could be located on the stack, in the heap, or in the data section of the process
Common software security issues
Software Error Category: Risky Resource Management
Software Error Category: Porous Defenses
Software Error Category: Insecure Interaction Between Components
Distinguish between software quality & reliability and security
Quality and reliability
Improve using structured design and testing to identify and eliminate as many bugs as possible from a program.
Concern is not how many bugs, but how often they are triggered.
Concerned with the accidental failure of a program as a result of some theoretically random input, system interaction, or use of incorrect code.
Security
Triggered by inputs that differ dramatically from what is usually expected.
Unlikely to be identified by common testing approaches.
Attacker chooses probability distribution, specifically targeting bugs that result in a failure that can be exploited by the attacker.
Issues in operating system interaction
Programs execute on systems under the control of an operating system.
Systems have a concept of multiple users
Countermeasures to prevent buffer overflow attacks
Programming Language
Use a modern high-level language
Code review and testing
Language extensions / safe libraries (replace unsafe standard library routines with safer variants)
Executable address space protection
Address space randomisation
Run-time defenses: guard pages
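As an added example (not part of the Coggle map), the mechanism described under "The basic mechanism of buffer overflows" and the "safe libraries" countermeasure, in C: a fixed-size buffer with an adjacent field, the unchecked strcpy() pattern that would overrun it, and a bounds-checked replacement that rejects over-long input before copying. The struct, field and function names are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Constructed example: a fixed-size buffer with an adjacent field, as in a
 * struct or a stack frame. An unchecked copy of over-long input runs past
 * `name` into `is_admin` (and, on the stack, into the saved return address). */
struct login_record {
    char name[16];
    int  is_admin;          /* adjacent memory an overflow would corrupt */
};

/* The unsafe pattern: strcpy() trusts the caller about the length of src.
 * Shown for contrast only; it must never be called with input longer than
 * the buffer, because the write is unbounded. */
void unsafe_set_name(struct login_record *r, const char *src)
{
    strcpy(r->name, src);   /* no bound: writes strlen(src)+1 bytes */
}

/* Hardened form: validate the input length against the buffer size BEFORE
 * copying, and reject (rather than silently truncate) input that does not fit.
 * Returns true on success, false when src is too long for the buffer. */
bool safe_set_name(struct login_record *r, const char *src)
{
    size_t len = strlen(src);
    if (len >= sizeof r->name)      /* leave room for the terminating NUL */
        return false;
    memcpy(r->name, src, len + 1);  /* copy exactly len+1 bytes, NUL included */
    return true;
}

int main(void)
{
    struct login_record r = { "", 0 };
    /* Constructed over-long input: 24 characters; the buffer holds 15 + NUL. */
    const char *untrusted_input = "AAAAAAAAAAAAAAAAAAAAAAAA";

    if (!safe_set_name(&r, untrusted_input))
        printf("rejected: %zu-byte input exceeds %zu-byte buffer\n",
               strlen(untrusted_input), sizeof r.name);
    printf("is_admin still %d\n", r.is_admin);
    return 0;
}
```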