• Title/Summary/Keyword: buffer overflow

Search Result 141, Processing Time 0.02 seconds

A Study of Buffer Overflow Prevention Technique for Secure System (안전한 시스템을 위한 Buffer Overflow 대응기법분석에 관한 연구)

  • 조진호;황현욱;박종백
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2000.10a
    • /
    • pp.608-610
    • /
    • 2000
  • Buffer Overflow는 가장 핵심적인 해킹기법중의 하나이다. 현재 해킹피해의 대부분을 차지하며 local attack뿐 아니라 remote attack까지 가능하므로 이를 이해함은 보안을 이해하는 차원에서 매우 중요하다. 본 논문에서는 Buffer Overflow의 원리와 최근 발생한 시스템의 해킹 형태를 살펴보고, 이를 방지할 수 있는 기법들을 분석하여 Buffer Overflow에 대응할 수 있는 모습을 그려보고자 한다.

  • PDF

Implementation of a function translator converting vulnerable functions for preventing buffer overflow attacks (버퍼 오버플로우 공격 방지를 위한 취약 함수 변환기 구현)

  • Kim, Ik Su;Cho, Yong Yun
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.6 no.1
    • /
    • pp.105-114
    • /
    • 2010
  • C language is frequently used to develop application and system programs. However, programs using C language are vulnerable to buffer overflow attacks. To prevent buffer overflow, programmers have to check boundaries of buffer areas when they develop programs. But vulnerable programs frequently result from improper programming habits and mistakes of programmers. Existing researches for preventing buffer overflow attacks only inform programmers of warnings about vulnerabilities and not remove vulnerabilities in advance so that the programs still include vulnerabilities. In this paper, we propose a function translator which prevents creating programs including buffer overflow vulnerabilities. To prevent creating binary from source including vulnerabilities, the proposed translator searches vulnerable functions which cause buffer overflows, and converts them into secure functions. Accordingly, developing vulnerable programs by programmers which lack in knowledge on security can be prevented.

Buffer Overflow Attack and Defense Techniques

  • Alzahrani, Sabah M.
    • International Journal of Computer Science & Network Security
    • /
    • v.21 no.12
    • /
    • pp.207-212
    • /
    • 2021
  • A buffer overflow attack is carried out to subvert privileged program functions to gain control of the program and thus control the host. Buffer overflow attacks should be prevented by risk managers by eradicating and detecting them before the software is utilized. While calculating the size, correct variables should be chosen by risk managers in situations where fixed-length buffers are being used to avoid placing excess data that leads to the creation of an overflow. Metamorphism can also be used as it is capable of protecting data by attaining a reasonable resistance level [1]. In addition, risk management teams should ensure they access the latest updates for their application server products that support the internet infrastructure and the recent bug reports [2]. Scanners that can detect buffer overflows' flaws in their custom web applications and server products should be used by risk management teams to scan their websites. This paper presents an experiment of buffer overflow vulnerability and attack. The aims to study of a buffer overflow mechanism, types, and countermeasures. In addition, to comprehend the current detection plus prevention approaches that can be executed to prevent future attacks or mitigate the impacts of similar attacks.

A Device of Static Buffer Overflow Detection by using Function Summary and Tracking Information Flow of Buffer Domain (함수요약 및 버퍼의 도메인 정보흐름 추적에 의한 정적 버퍼넘침 탐지방안)

  • Lee, Hyung-Bong;Park, Jeong-Hyun;Park, Hyun-Mee
    • Journal of KIISE:Computing Practices and Letters
    • /
    • v.7 no.6
    • /
    • pp.703-714
    • /
    • 2001
  • In C language, a local buffer overflow in stack can destroy control information stored near the buffer. In case the buffer overflow is used maliciously to overwrite the stored return address, the system is exposed to serious security vulnerabilities. This paper analyzes the process of buffer overflow hacking and methodologies to avoid the attacks in details. And it proposes a device of static buffer overflow detection by using function summary and tracking information flow of buffer domain at assembly source code level(SASS, Static Assembly Source code Scanner) and then show the feasibility and validity of it by implementing a prototype in Pentium based Linux environment.

  • PDF

Overflow Probability Analysis and Bandwidth Allocation for Traffic Regulated by Dual Leaky Bucket (Dual Leaky Bucket 에 의해 규제되는 트래픽의 오버플로 확률분석과 대역폭 할당방법)

  • Yoon, Y.H.;Lie, C.H.;Hong, J.S.
    • Journal of Korean Institute of Industrial Engineers
    • /
    • v.25 no.3
    • /
    • pp.404-410
    • /
    • 1999
  • A scheme of more exact overflow probability analysis is proposed for traffic regulated by dual leaky bucket. To each regulated traffic stream is allocated bandwidth and buffer independent of other traffic stream and overflow occurs when total bandwidth or buffer allocated to each traffic exceed link capacity or physical buffer size. Ratio of buffer and bandwidth allocated to each traffic stream is assumed to be constant, and this ratio is larger than the ratio of physical buffer and bandwidth due to buffer sharing effect. Numerical experiments show that this sharing effect have significant influence on overflow probability and effective bandwidth.

  • PDF

The Research of Defense Technique of Overflow Attack (오버플로우 공격에 대한 방어 기술 연구)

  • Shin Dong-Hwi;Kim Seung-Joo;Won Dong-Ho
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2006.06a
    • /
    • pp.645-648
    • /
    • 2006
  • Buffer Overflow 취약점은 오래전에 발표된 기술이지만 현재까지도 보안 취약점에서 많은 부분을 차지하는 것 중에 하나이다. CVE Vulnerability Database에서 Buffer Overflow를 검색해보면 알 수 있듯이 지금까지 수많은 Buffer Overflow 취약점득의 발견되었고 이를 바탕으로 하는 공격들이 많이 일어나고 있다. 또한 공격에 대처하기 위하여 각각의 공격방법에 대한 대처방법을 제시하고 커널과 컴파일러의 패치에 이루어지고 있지만 해커들은 그에 대응하는 공격방법들을 찾아내곤 한다. 본 논문에는 지금까지 발표된 많은 Buffer Overflow 공격 기술에 대해 주제별로 확인하고 보다 근본적인 해결책을 만들기 위한 방향을 제시하고자 한다.

  • PDF

The Token Bucket Scheme to solve Buffer Overflow of Video Streaming in Wireless Network (무선 네트워크에서 비디오 스트리밍의 버퍼 오버플로우를 해결하기 위한 토큰버킷 기법)

  • Lee, Hyun-No;Kim, Dong-Hoi
    • Journal of Digital Contents Society
    • /
    • v.16 no.3
    • /
    • pp.365-371
    • /
    • 2015
  • In wireless network, the amount of video streaming packet information in receiver replay buffer can be varied according tothe wireless network condition. By the effect, unforeseeable delay and jitter are generated and then busty video traffics can be made. If the amount of buffer information coming in receiver replay buffer is larger than the amount of a specific buffer information, buffer overflow is generated. Such a problem makes the image skip effect and packet loss, and then causes the quality degradation and replay discontinuity of the video streaming service in destination receiver. To solve the buffer overflow problem, this paper applies the token bucket for the busty traffic to the receiver terminal and analyzes the effect of the token bucket. The simulation result using NS-2 and JSVM shows that the proposed scheme with the token bucket has significantly better performance than the conventional scheme without the token bucket in terms of overflow generation number, packet loss rate and PSNR.

Combination of Token Bucket and AMP Schemes to Solve Buffer Underflow and Overflow of Video Streaming in Wireless Communication (무선통신 환경에서 비디오 스트리밍의 버퍼 언더플로우와 오버플로우를 해결하기 위한 토큰버킷과 AMP 기법의 결합)

  • Lee, Hyun-no;Kim, Dong-hoi
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.40 no.7
    • /
    • pp.1330-1338
    • /
    • 2015
  • In wireless communication network, the amount of packet data for the video streaming in the playout buffer of the receiver is changed with time according to network condition. If the amount of packet data is less than a specific buffer amount, the buffer underflow problem is generated. On the contrary, if the amount of packet data is more than a given buffer amount, the buffer overflow problem is occurred. When the playout of the video streaming is processed, these buffer underflow and overflow problems cause stop and skip phenomenons and then provide the discontinuity of playout. Therefore, to solve the buffer underflow and overflow problems of the video streaming in wireless communication network, This paper analyzes the combined effect of Token Bucket scheme, which controls the bursty traffic, and AMP(Adaptive Media Playout) scheme, which adaptively changes the playout speed of receiver. Through simulation, we found that the combination of Token Bucket and AMP schemes provides the superiority in terms of the occurrence number of buffer underflow and overflow, the stop duration time and the number of removed frames generated by underflow and overflow, and PSNR.

Return address stack for protecting from buffer overflow attack (버퍼오버플로우 공격 방지를 위한 리턴주소 스택)

  • Cho, Byungtae;Kim, Hyungshin
    • Journal of the Korea Academia-Industrial cooperation Society
    • /
    • v.13 no.10
    • /
    • pp.4794-4800
    • /
    • 2012
  • Many researches have been performed to resist buffer overflow attacks. However, the attack still poses one of the most important issue in system security field. It is because programmers are using library functions containing security hole and once buffer overflow vulnerability has been found, the security patches are distributed after the attacks are widely spreaded. In this paper, we propose a new cache level return address stack architecture for resisting buffer overflow attack. We implemented our hardware onto SimpleScalar simulator and verified its functionality. Our circuit can overcome the various disadvantages of previous works with small overhead.

Efficient Buffer-Overflow Prevention Technique Using Binary Rewriting (이진 코드 변환을 이용한 효과적인 버퍼 오버플로우 방지기법)

  • Kim Yun-Sam;Cho Eun-Sun
    • The KIPS Transactions:PartC
    • /
    • v.12C no.3 s.99
    • /
    • pp.323-330
    • /
    • 2005
  • Buffer overflow is one of the most prevalent and critical internet security vulnerabilities. Recently, various methods to prevent buffer overflow attacks have been investigated, but they are still difficult to apply to real applications due to their run-time overhead. This paper suggests an efficient rewrite method to prevent buffer-overflow attacks only with lower costs by generating a redundant copy of the return address in stack frame and comparing return address to copied return address. Not to be overwritten by the attack data the new copy will have the lower address number than local buffers have. In addition, for a safer execution environment, every vulnerable function call is transformed during the rewriting procedure.