Buffer overflow attack : A potential problem and its Implications
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
computer science crazy
Super Moderator
******

Posts: 3,048
Joined: Dec 2008
#1
08-04-2009, 10:42 AM


Definition

Have you ever thought of a buffer overflow attack ? It occurs through careless programming and due to patchy nature of the programs. Many C programs have buffer overflow vulnerabilities because the C language lacks array bounds checking, and the culture of C programmers encourages a performance-oriented style that avoids error checking where possible. Eg: gets and strcpy ( no bounds checking ). This paper presents a systematic solution to the persistent problem of buffer overflow attacks. Buffer overflow attack gained notoriety in 1988 as part of the Morris Worm
incident on the Internet. These problems are probably the result of careless programming, and could be corrected
by elementary testing or code reviews along the way.

THE ATTACK :- A (malicious) user finds the vulnerability in a highly privileged program and someone else implements a patch to that particular attack, on that privileged program. Fixes to buffer overflow attacks attempt to solve the problem at the source (the vulnerable program) instead of at the destination (the stack that is being overflowed).

StackGuard :- It is a simple compiler extension that limits the amount of damage that a buffer overflow attack can inflict on a program. The paper discusses the various intricacies to the problem and the implementation details of the Compiler extension 'Stack Guard '.

Stack Smashing Attack :- Buffer overflow attacks exploit a lack of bounds checking on the size of input being stored in a buffer array. The most common data structure to corrupt in this fashion is the stack, called a ``stack smashing attack'' .

StackGuard For Network Access :- The paper also discusses the impacts on network access to the 'Buffer Overflow Attack'.

StackGuard prevents changes to active return addresses by either :-
1. Detecting the change of the return address before the function returns, or
2. Completely preventing the write to the return address. MemGuard is a tool developed
to help debug optimistic specializations by locating code statements that change quasi-invariant
values.

STACKGUARD OVERHEAD
" Canary StackGuard Overhead
" MemGuard StackGuard Overhead
" StackGuard Macrobenchmarks

The paper presents the issues and their implications on the 'IT APPLICATIONS' and discusses the solutions through implementation details of 'Stack Guard'.
Use Search at http://topicideas.net/search.php wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Message
Type your reply to this message here.


Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  DETECTION OF WORMHOLE ATTACK IN MANET seminar ideas 5 1,399 26-08-2015, 12:37 AM
Last Post: Leenas
  Artificial Intelligence Problem solving by searching seminar projects maker 0 335 25-09-2013, 03:02 PM
Last Post: seminar projects maker
  SIMULATION OF BLACK HOLE ATTACK IN WIRELESS AD-HOC NETWORKS pdf study tips 0 249 07-09-2013, 02:20 PM
Last Post: study tips
  BAR CODE TECHNOLOGY AND ITS APPLICATION TO LIBRARY SERVICES ppt study tips 0 503 23-08-2013, 04:33 PM
Last Post: study tips
  Report on Cyber crime and its security study tips 0 423 20-08-2013, 04:55 PM
Last Post: study tips
  A Histogram Modification Framework and Its Application for Image Contrast Enhancement study tips 0 512 20-08-2013, 04:34 PM
Last Post: study tips
  Survivability Analysis of ad hoc network under attack ppt study tips 0 253 19-08-2013, 04:49 PM
Last Post: study tips
  SIMULATION OF BLACK HOLE ATTACK IN WIRELESS AD-HOC NETWORKS pdf study tips 0 283 17-07-2013, 04:40 PM
Last Post: study tips
  Evaluation of Impact of Wormhole Attack on AODV pdf study tips 0 250 25-06-2013, 12:58 PM
Last Post: study tips
  Content-Addressable memory (CAM) and its network applications pdf study tips 0 318 24-06-2013, 03:52 PM
Last Post: study tips