A Tool for Visualizing Buffer Overflow with Detecting Return Address Overwriting
نویسنده
چکیده
Buffer overflow is a serious problem when the software is run as a server on the internet. Especially when the return addresses are overwritten intentionally, the control flow may be changed as the attacker intends. Although there have been proposed several ways to protect attacks that utilize the buffer overflow, the number of the errors owing to the buffer overflow have been increasing gradually. This paper presents a tool that visualizes the buffer overflow when executing programs in C language, especially when the return addresses are overwritten. The functionality is mainly targeted at beginners of C programming who do not recognize the attacks, which we expect makes the number of errors decrease in the future.
منابع مشابه
Survey of return-oriented programming defense mechanisms
A prominent software security violation-buffer overflow attack has taken various forms and poses serious threats until today. One such vulnerability is return-oriented programming attack. An return-oriented programming attack circumvents the dynamic execution prevention, which is employed in modern operating systems to prevent execution of data segments, and attempts to execute unintended instr...
متن کاملArchitecture Support for Defending Against Buffer Overflow Attacks
Buffer overflow attacks are the predominant threat to the secure operation of network and in particular, Internetbased applications. Stack smashing is a common mode of buffer overflow attack for hijacking system control. This paper evaluates two architecture-based techniques to defend systems against such attacks: (1) the split control and data stack, and (2) secure return address stack (SRAS)....
متن کاملSTACKFENCES: A Run-Time Approach for Detecting Stack Overflows
This paper describes StackFences, a run-time technique for detecting overflows in local variables in C programs. This technique is different from all others developed so far because it tries to detect explicit overflow occurrences, instead of detecting if a particular stack value, namely a return address, was corrupted because of a stack overflow. Thus, StackFences is useful not only for detect...
متن کاملSecure Cache: Run-Time Detection and Prevention of Buffer Overflow Attacks
This paper shows a novel cache architecture, called SCache, to detect and prevent buffer-overflow attacks at run time. A number of malicious codes exploit buffer-overflow vulnerability to alter a return-address value and hijack the program-execution control. In order to solve the security issue, SCache generates replica cache lines on each return-address store, and compares the original value l...
متن کاملReal-World Buffer Overflow Protection for Userspace and Kernelspace
Despite having been around for more than 25 years, buffer overflow attacks are still a major security threat for deployed software. Existing techniques for buffer overflow detection provide partial protection at best as they detect limited cases, suffer from many false positives, require source code access, or introduce large performance overheads. Moreover, none of these techniques are easily ...
متن کامل