{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

A paper on Buffer Overflow attacks, what they are and how to prevent them

A paper on Buffer Overflow attacks, what they are and how to prevent them

Info icon This preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
A Practical Dynamic Buffer Overflow Detector Olatunji Ruwase Transmeta Corporation 3990 Freedom Circle Santa Clara, CA 95054 [email protected] Monica S. Lam Computer Systems Laboratory Stanford University Stanford, CA 94305 [email protected] Abstract Despite previous efforts in auditing software manually and automatically, buffer overruns are still being discov- ered in programs in use. A dynamic bounds checker de- tects buffer overruns in erroneous software before it oc- curs and thereby prevents attacks from corrupting the in- tegrity of the system. Dynamic buffer overrun detectors have not been adopted widely because they either (1) cannot guard against all buffer overrun attacks, (2) break existing code, or (3) incur too high an overhead. This paper presents a practical detector called CRED (C Range Error Detec- tor) that avoids each of these deficiencies. CRED finds all buffer overrun attacks as it directly checks for the bounds of memory accesses. Unlike the original referent-object based bounds-checking technique, CRED does not break existing code because it uses a novel solution to support program manipulation of out-of-bounds addresses. Fi- nally, by restricting the bounds checks to strings in a pro- gram, CRED’s overhead is greatly reduced without sacri- ficing protection in the experiments we performed. CRED is implemented as an extension of the GNU C compiler version 3.3.1. The simplicity of our design makes possible a robust implementation that has been tested on over 20 open-source programs, comprising over 1.2 million lines of C code. CRED proved effective in de- tecting buffer overrun attacks on programs with known vulnerabilities, and is the only tool found to guard against a testbed of 20 different buffer overflow attacks[34]. Find- ing overruns only on strings impose an overhead of less This research was performed while the first author was at Stanford Uni- versity, and this material is based upon work supported in part by the National Science Foundation under Grant No. 0086160. than 26% for 14 of the programs, and an overhead of up to 130% for the remaining six, while the previous state-of- the-art bounds checker by Jones and Kelly breaks 60% of the programs and is 12 times slower. Incorporating well- known techniques for optimizing bounds checking into CRED could lead to further performance improvements. 1. Introduction Buffer overflows are the most common form of secu- rity threat in software systems today, and vulnerabilities attributed to buffer overflows have consistently dominated CERT advisories[7]. In the year 2002, 57% of security ad- visories for the year were related to buffer overflow vul- nerabilities. As of August 2003, 50% of the security advi- sories issued for the year fell under this category. In addi- tion, 50% of the 60 most severe vulnerabilities as posted on CERT/CC were caused by buffer overflow errors in programs[8]. A similar pattern is also observable in vul- nerabilities listings posted on computer security websites, such as SecurityFocus[27] and Securiteam[26]. Computer
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern