Analysis of Buffer Overflow Attacks and Security Measures

Verified

Added on 2020/03/28

AI Summary

This report provides a comprehensive overview of buffer overflow attacks, a critical vulnerability in software security. It begins by defining buffer overflows as instances where data exceeds the allocated memory boundary, potentially leading to errors, crashes, and unauthorized access. The report then delves into two primary types of buffer overflow attacks: stack-based and heap-based attacks. Stack-based attacks involve overwriting the program's call stack, while heap-based attacks target the heap memory region. The report details the mechanisms of these attacks, including how attackers exploit vulnerabilities to execute malicious code or gain control of a system. Furthermore, the report outlines several mitigation strategies, such as using canary words, filtering user inputs, avoiding insecure library files and thorough application testing to prevent and defend against buffer overflow attacks, emphasizing the importance of secure coding practices and robust system design.

Running head: BUFFER OVERFLOW
Buffer Overflow
Name of the Student
Name of the University
Author note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1BUFFER OVERFLOW
Table of Contents
Introduction:....................................................................................................................................2
 Stack based buffer overflow attack:..................................................................................2
 Securing from stack based attack:........................................................................................2
 Heap based attack in buffer overflow:..............................................................................3
 Securing from heap based attack:.........................................................................................3
 Avoid usage of the library files:...........................................................................................3
 Inputs of the user are to be filtered:......................................................................................3
 Testing of the applications:...................................................................................................3
Reference:........................................................................................................................................4

2BUFFER OVERFLOW
Introduction:
Buffer overflow is the process in which the data crosses the boundary of the buffer or
overwrites the memory adjacent to the buffer (Carrie & Wilshire, 2013). The area of the memory
which is set aside for storing of the data during the relocation of data from one program to
another or between the same program. When the overrun overwrites the data that is adjacent to it
then, it might cause errors which includes the results that are incorrect crashes and errors in
accessing of the memory (Rao et al., 2016). This report is going to discuss about the buffer-
overflow attacks and this attacks can be avoided.
Buffer overflow is very much common nowadays and this helps the attacker in gaining
access of a machine very easily. By attacking the hackers exploits the applications and the OS.
Hackers are able to execute their own commands after choosing the machines. The attacker
sends more data to the vulnerable program than the number of data which was planned by the
software developer for the program thereby causing more vulnerabilities.
There are mainly two types of attacks in buffer-overflow they are stack based attacks and
heap based attacks.
 Stack based buffer overflow attack: Stack overrun is the process which happens when
something is written on the call stack of the program which is situated outside of the data
structure which is having a fixed length buffer by the program (Conti et al., 2015). Stack
attack happens when a program writes more data in the buffer located in the stack. In this
type of attack, the attacker tries to place the address of the top stack in instead of the
returning address which will be followed by some assembly codes that are horrible for
example calling of another tool. Running of the subverted programs with high privileges

3BUFFER OVERFLOW
makes the tool run with same privilege. This becomes better for the attacker as the
process only includes transmission of the small script program.
 Securing from stack based attack:
Stack overflow attacks can be avoided by the user by only writing a simple word Canary in
between the local variables and the return address. Prevention can be done simply by the use of
this technique by slight use of time during execution and the memory. For overwriting the return
address, the attacker has to overwrite the word Canary (AlHarbi & Lin, 2016). The word Canary
varies so the possibility of overwriting can be detected very easily. Stack guards prevents the
overflow of the stack which are not discovered even when the functions are recompiled.
 Heap based attack in buffer overflow: this type of attack specifically targets the heap.
This type of attacks includes the overwriting of the data so as to exploit some aspects of a
program (Conti et al., 2015). This corrupts the information stored in the heap so as to
change the specific things what the information wants.
 Securing from heap based attack:
Heap overflow attack can be stopped by the use of following methods:
 Avoid usage of the library files: The library files used for programming are insecure
and are the main targets of the hackers. When a weakness is found by the hacker in the
files helps the attacker gain a target for potential attack.
 Inputs of the user are to be filtered: This includes the filtering of the HTML codes and
the characters that can cause severe problems in the database.
 Testing of the applications: Before deployment of any applications testing must be done
so as to guarantee that the coding is secure. The problem in the application can be

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4BUFFER OVERFLOW
detected if the application breaks. So this helps in fixing the problem before any attack
occurs.
Conclusion:
Buffer overflow can be eliminated by the use of proper hardware system like the
processor, motherboard and OS. The randomly rearranging of the memory allocation is required
which stores the computers memories and the data. The main is to improve the process of
randomisation which is done at the binary level. The main interest is to randomise the distance
between the objects that are present in the different regions of the program.

5BUFFER OVERFLOW
Reference:
AlHarbi, K. N., & Lin, X. (2016). U.S. Patent No. 9,251,373. Washington, DC: U.S. Patent and
Trademark Office.
Carrie, M., & Wilshire, J. C. (2013). U.S. Patent No. 8,612,650. Washington, DC: U.S. Patent
and Trademark Office.
Conti, M., Crane, S., Davi, L., Franz, M., Larsen, P., Negro, M., ... & Sadeghi, A. R. (2015,
October). Losing control: On the effectiveness of control-flow integrity under stack attacks. In
Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
(pp. 952-963). ACM.
Rao, J., He, Z., Xu, S., Dai, K., & Zou, X. (2016). BFWindow: Speculatively Checking Data
Property Consistency against Buffer Overflow Attacks. IEICE TRANSACTIONS on Information
and Systems, 99(8), 2002-2009.