Title: Driving Home the Buffer Overflow Problem: A Training Module for Programmers and Managers
Authors
Abstract
Repeatedly, news headlines read: “Buffer overflow in vendor’s product allows intruders to take over computer!” This widespread programming mistake is easy to make, exacerbated by the ubiquitous C language, and very simple to exploit. We describe a demonstration (a Java applet) appropriate for a traditional programming course to drive home key points: why buffer overflows occur, how overflows open the door to attackers, and why certain defense mechanisms should be used. The module is in its early stages of experimental use, with a formative evaluation to determine how well the module works and opportunities for its improvement.
Similar resources
Improving Security Using Extensible Lightweight Static Analysis
education, better interface design, and security-conscious defaults. With software implementation flaws, however, the problems are typically both preventable and well understood. Analyzing reports of security attacks quickly reveals that most attacks do not result from clever attackers discovering new kinds of flaws, but rather stem from rep...
Using type analysis in compiler to mitigate integer-overflow-to-buffer-overflow threat
One of the top two causes of software vulnerabilities in operating systems is the integer overflow. A typical integer overflow vulnerability is the Integer Overflow to Buffer Overflow (IO2BO for short) vulnerability. IO2BO is an underestimated threat. Many programmers have not realized the existence of IO2BO and its harm. Even for those who are aware of IO2BO, locating and fixing IO2BO vulnerab...
Overflow Detection in Residue Number System, Moduli Set {2^n-1, 2^n, 2^n+1}
Residue Number System (RNS) is a non-weighted number system for integer number arithmetic, which is based on the residues of a number to a certain set of numbers called module set. The main characteristics and advantage of residue number system is reducing carry propagation in calculations. The elimination of carry propagation leads to the possibility of maximizing parallel processing and reduc...
Poster Abstract: A Hardware-based Remote Attestation Protocol in Wireless Sensor Networks
Given the limited resources and computational power of current embedded sensor devices, memory protection is difficult to achieve and generally unavailable. Hence, the buffer overflow that is used by the worm attacks in the Internet can be easily exploited to inject malicious code into Wireless Sensor Networks (WSNs). We designed a hardware-based remote attestation protocol to counter the buffer...
A Processor Architecture Defense against Buffer Overflow Attacks
Buffer overflow vulnerabilities in the memory stack continue to pose serious threats to network and computer security. By exploiting these vulnerabilities, a malicious party can strategically overwrite the return address of a procedure call, obtain control of a system, and subsequently launch more virulent attacks. Software countermeasures for such intrusions entail modifications to application...