Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Buffer overflow attack : A potential problem and its Implications
Post: #1


Have you ever thought of a buffer overflow attack ? It occurs through careless programming and due to patchy nature of the programs. Many C programs have buffer overflow vulnerabilities because the C language lacks array bounds checking, and the culture of C programmers encourages a performance-oriented style that avoids error checking where possible. Eg: gets and strcpy ( no bounds checking ). This paper presents a systematic solution to the persistent problem of buffer overflow attacks. Buffer overflow attack gained notoriety in 1988 as part of the Morris Worm
incident on the Internet. These problems are probably the result of careless programming, and could be corrected
by elementary testing or code reviews along the way.

THE ATTACK :- A (malicious) user finds the vulnerability in a highly privileged program and someone else implements a patch to that particular attack, on that privileged program. Fixes to buffer overflow attacks attempt to solve the problem at the source (the vulnerable program) instead of at the destination (the stack that is being overflowed).

StackGuard :- It is a simple compiler extension that limits the amount of damage that a buffer overflow attack can inflict on a program. The paper discusses the various intricacies to the problem and the implementation details of the Compiler extension 'Stack Guard '.

Stack Smashing Attack :- Buffer overflow attacks exploit a lack of bounds checking on the size of input being stored in a buffer array. The most common data structure to corrupt in this fashion is the stack, called a ``stack smashing attack'' .

StackGuard For Network Access :- The paper also discusses the impacts on network access to the 'Buffer Overflow Attack'.

StackGuard prevents changes to active return addresses by either :-
1. Detecting the change of the return address before the function returns, or
2. Completely preventing the write to the return address. MemGuard is a tool developed
to help debug optimistic specializations by locating code statements that change quasi-invariant

" Canary StackGuard Overhead
" MemGuard StackGuard Overhead
" StackGuard Macrobenchmarks

The paper presents the issues and their implications on the 'IT APPLICATIONS' and discusses the solutions through implementation details of 'Stack Guard'.

Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: signature buffer overflow attack source code, mcafee buffer overflow blocked, ie6 overflow hidden, salami attack, problem, vampire attack seminar synopsis, buffer,

Quick Reply
Type your reply to this message here.

Image Verification
Image Verification
(case insensitive)
Please enter the text within the image on the left in to the text box below. This process is used to prevent automated posts.

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Particle Swarm Optimization Algorithm and Its Application in Engineering Design Optim computer science crazy 3 4,489 03-05-2013 10:28 AM
Last Post: computer topic
  Buffer management strategies to reduce HoL blocking summer project pal 2 1,105 12-03-2013 04:12 PM
Last Post: Guest
  SLEEP SERVER & ITS ENTERPRISE APPLICATION seminar surveyer 5 2,069 03-12-2012 11:25 PM
Last Post: Guest
  CELLULAR VIRUS ATTACK full report project topics 3 4,080 09-02-2012 10:24 AM
Last Post: seminar addict
  Monitoring the Application Layer-DDoS Attack for Popular Websites full report project topics 12 10,048 26-01-2012 10:17 AM
Last Post: seminar addict
  BAR CODE TECHNOLOGY AND ITS APPLICATIONS seminar class 2 2,032 19-01-2012 10:41 AM
Last Post: seminar addict
  Signature-free Buffer Overflow Attack Blocker project report helper 8 4,662 22-08-2011 09:24 AM
Last Post: seminar addict
  On Scalable Attack Detection in the Network project topics 0 453 02-05-2011 09:56 AM
Last Post: project topics
  Network Monitoring and Measurement and its application in security field seminar surveyer 1 849 28-03-2011 10:36 AM
Last Post: seminar class
  Virus Attack on Computers And Mobiles And Palmtops full report computer science technology 2 2,652 18-03-2011 12:08 PM
Last Post: seminar class