• Title/Summary/Keyword: Buffer overflow

Search Result 142, Processing Time 0.026 seconds

A Study on the Protection against Buffer-Overflow Attack using Modifed Linux Kernel (Linux 커널 수정을 통한 Buffer Overflow Attack 방지에 관한 연구)

  • 서정택;최홍민;손태식;김동규
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2000.10a
    • /
    • pp.635-637
    • /
    • 2000
  • Linux는 다양한 하드웨어 플랫폼을 지원하며, 강력한 네트워크 지원 기능, 다양한 형식의 파일시스템 지원 기능 등 높은 성능을 자랑한다. 그러나, 소스코드의 공개로 인하여 많은 보안상의 취약성을 내포하고 있으며, 최근 이를 이용한 해킹사고가 많이 발생하고 있다. 본 논문에서는 Linux상에 상존하는 보안 취약성을 조사하고, 보안 요구사항을 도출하며, 최근 해킹의 상당부분을 차지하고 있는 Buffer Overflow 공격 방지를 위한 방안으로 커널 수정을 통해 Secure Linux를 개발하고자 한다.

  • PDF

The Blocking of buffer overflow based attack for Linux kernel (리눅스 시스템의 버퍼 오버플로우 공격 대응 기법)

  • Kim, Jeong-Nyeo;Jeong, Gyo-Il;Lee, Cheol-Hun
    • The KIPS Transactions:PartA
    • /
    • v.8A no.4
    • /
    • pp.385-390
    • /
    • 2001
  • In this paper, we describe a blocking method of buffer overflow attack for secure operating system. Our team developed secure operating system using MAC and ACL access control added on Linux kernel. We describe secure operating system (SecuROS) and standardized Secure utility and library. A working prototype able to detect and block buffer overflow attack is available.

  • PDF

Prevention of Buffer Overflow in the Mobility Support Router for I-TCP (I-TCP를 위한 이동성 지원 라우터에서의 버퍼 오버플로우 방지)

  • 김창호;최학준;장주욱
    • Journal of KIISE:Information Networking
    • /
    • v.31 no.1
    • /
    • pp.20-26
    • /
    • 2004
  • A congestion control algorithm to prevent buffer overflow in MSR(Mobility Support Router) for I-TCP is proposed. Due to high bit error rate and frequent hand-offs over wireless environment, the current congestion control scheme in TCP Reno over mixed(wired and wireless) network exhibits lower throughput than the throughput achieved over wired only network. I-TCP has been proposed to address this by splitting a TCP connection into two TCP connections over wired section and wireless section, respectively. However, buffer overflow in MSR may occur whenever there are excessive bit errors or frequent hand-offs. This may lead to the loss of packets acked by MSR(resident in buffer) to the sender, but not received by the receiver, breaking TCP end-to-end semantics. In this Paper, a new scheme is proposed to prevent the MSR buffer from overflow by introducing “flow control” between the sender and the MSR. Advertised window for the TCP connection between the sender and the MSR is tied to the remaining MSR buffer space, controlling the flow of packets to the MSR buffer before overflow occurs.

Eliminating Redundant Alarms of Buffer Overflow Analysis Using Context Refinements (분석 문맥 조절 기법을 이용한 버퍼 오버플로우 분석의 중복 경보 제거)

  • Kim, You-Il;Han, Hwan-Soo
    • Journal of KIISE:Software and Applications
    • /
    • v.37 no.12
    • /
    • pp.942-945
    • /
    • 2010
  • In order to reduce the efforts to inspect the reported alarms from a static buffer overflow analyzer, we present an effective method to filter out redundant alarms. In the static analysis, a sequence of multiple alarms are frequently found due to the same cause in the code. In such a case, it is sufficient and reasonable for programmers to examine the first alarm instead of the entire alarms in the same sequence. Based on this observation, we devise a buffer overflow analysis that filters out redundant alarms with our context refinement technique. Our experiment with several open source programs shows that our method reduces the reported alarms by 23% on average.

Improving Compiler to Prevent Buffer Overflow Attack (버퍼오버플로우 공격 방지를 위한 컴파일러 기법)

  • Kim, Jong-Ewi;Lee, Seong-Uck;Hong, Man-Pyo
    • The KIPS Transactions:PartC
    • /
    • v.9C no.4
    • /
    • pp.453-458
    • /
    • 2002
  • Recently, the number of hacking, that use buffer overflow vulnerabilities, are increasing. Although the buffer overflow Problem has been known for a long time, for the following reasons, it continuos to present a serious security threat. There are three defense method of buffer overflow attack. First, allow overwrite but do not allow unauthorized change of control flow. Second, do not allow overwriting at all. Third, allow change of control flow, but prevents execution of injected code. This paper is for allowing overwrites but do not allow unauthorized change of control flow which is the solution of extending compiler. The previous defense method has two defects. First, a program company with overhead because it do much thing before than applying for the method In execution of process. Second, each time function returns, it store return address in reserved memory created by compiler. This cause waste of memory too much. The new proposed method is to extend compiler, by processing after compiling and linking time. To complement these defects, we can reduce things to do in execution time. By processing additional steps after compile/linking time and before execution time. We can reduce overhead.

A Study on Hacking Attack using Buffer Overflow and Strategy to Avoid the Attack (버퍼넘침(buffer overflow)을 사용한 해킹공격 기법 및 예방 방안)

  • Lee, Hyung-Bong;Park, Hyun-Mee;Park, Jeong-Hyun
    • Annual Conference of KIPS
    • /
    • 2000.10a
    • /
    • pp.129-132
    • /
    • 2000
  • 버퍼넘침(buffer overflow)은 특정 프로그램 언어에서 발생하는 배열의 경계파괴 현상을 말한다. 그 대표적인 언어로서 C/C++을 들 수 있는데. 이들 언어는 기본적으로 스트링(문자열)을 정의함에 있어서 크기속성을 배제하고 끝을 의미하는 종료문자(delimiter character. NULL)를 사용함으로써 배열(버퍼)의 경계침범 가능성을 허용하고 있다. 이 때 스택영역에 할당된 버퍼가 넘친다면, 주변에 위치한 지역변수, 레지스터 보관, 복귀주소 둥의 값이 변질되어 원래의 의도된 제어흐름을 보장할 수 없게 된다. 특히 복귀주소 부분을 의도적으로 침범하여 특정 값을 덮어쓸 수 있다면 해당 프로그램의 동작을 인위적으로, 그리고 자유롭게 변경할 수 있게 된다. 본 논문에서는 이와 같은 스택영역에서의 버퍼넘침을 사용한 제어흐름 변경 해킹기법의 과정을 현존하는 UNIX 시스템 및 C/C++ 언어를 이용하여 살펴보고 대응방향을 모색한다.

  • PDF

A Study on Hacking Attack using Buffer Overflow and Strategy to Avoid the Attack (버퍼넘침(buffer overflow)을 이용한 해킹 공격기법 및 예방방안)

  • 이형봉;차홍준
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2000.10a
    • /
    • pp.653-655
    • /
    • 2000
  • 버퍼넘침(buffer overflow)은 특정 프로그램 언어에서 발생하는 배열의 경계파괴 현상을 말한다. 그 대표적인 언어로서 C/C++을 들 수 있는데, 이들 언어는 기본적으로 스트링(문자열)을 정의함에 있어서 크기속성을 배제하고 끝을 의미하는 종료문자(delimiter character, NULL)을 사용함으로써 배열(버퍼)의 경계침범 가능성을 허용하고 있다. 이때 스택영역에 할당된 버퍼가 넘침다면, 주변에 위치한 지역변수, 레지스터 보관, 복귀주소 등의 값이 변질되어 원래의 의도된 제어흐름을 보장할 수 없게 된다. 특히 복귀주소 부분을 의도적으로 침범하여 특정 값을 덮어쓸 수 있다면 해당 프로그램의 동작을 인위적으로, 그리고 자유롭게 변경할 수 있게 된다. 본 논문에서는 이와 같은 스택영역에서의 버퍼넘침을 사용한 제어흐름 변경 해킹기법의 과정을 현존하는 UNIX 시스템 및 C/C++ 언어를 이용하여 살펴보고 대응방향을 모색한다.

  • PDF

A Study on the Multiplexing of ISDN D-channel using Statistical Multiplexer (총계적 다중 방식을 이용한 ISDN D채널 다중화에 관한 연구)

  • 구제길;김영철;이호준;조규섭;박병철;김병찬
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.11 no.4
    • /
    • pp.268-279
    • /
    • 1986
  • Recently, the improtance of the ISDN has been emphasized for the new services in the future information society. In this paper, new application of statistical multiplexer which can be used for CCITT D-channel multiplexing is suggested. The basic architecture of statistical multiplexer which can interleave eleven 16Kbps D-channels into one 64Kbps B-channel is also proposed. The necessary buffer size was estimated by computer simulation considering data traffic intensity, signal arrival length distribution and buffer overflow probability. Based on this buffer size, the basic architecture of the statistical multiplexer has been survetyed and hardware design principles are also studied.

  • PDF

Auto Regulated Data Provisioning Scheme with Adaptive Buffer Resilience Control on Federated Clouds

  • Kim, Byungsang
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.11
    • /
    • pp.5271-5289
    • /
    • 2016
  • On large-scale data analysis platforms deployed on cloud infrastructures over the Internet, the instability of the data transfer time and the dynamics of the processing rate require a more sophisticated data distribution scheme which maximizes parallel efficiency by achieving the balanced load among participated computing elements and by eliminating the idle time of each computing element. In particular, under the constraints that have the real-time and limited data buffer (in-memory storage) are given, it needs more controllable mechanism to prevent both the overflow and the underflow of the finite buffer. In this paper, we propose an auto regulated data provisioning model based on receiver-driven data pull model. On this model, we provide a synchronized data replenishment mechanism that implicitly avoids the data buffer overflow as well as explicitly regulates the data buffer underflow by adequately adjusting the buffer resilience. To estimate the optimal size of buffer resilience, we exploits an adaptive buffer resilience control scheme that minimizes both data buffer space and idle time of the processing elements based on directly measured sample path analysis. The simulation results show that the proposed scheme provides allowable approximation compared to the numerical results. Also, it is suitably efficient to apply for such a dynamic environment that cannot postulate the stochastic characteristic for the data transfer time, the data processing rate, or even an environment where the fluctuation of the both is presented.

A Study on Buffer Control Method of Set-top Box in Interactive Video-on-Demand Service (대화식 주문형 비디오 서비스에서의 셋톱박스 버퍼 제어 방안 연구)

  • 신준호;김용득
    • Proceedings of the IEEK Conference
    • /
    • 1999.11a
    • /
    • pp.1041-1044
    • /
    • 1999
  • This paper propose a solution to resolve data overflow or leakage when a subscriber receive data to service provider. The set-top box can communicate with a service provider and can inform the service provider its data overflow or leakage. When service provider received this control signal, it changes data transmit rate and transmits data with changed rate. The buffer of set-top box is important because incoming data from a service provider are stored by it.

  • PDF