Buffer overflows: attacks and defenses for the vulnerability of the decade

Buffer overflows have been the most common form of security vulnerability for the last ten years. Moreover, buffer overflow vulnerabilities dominate the area of remote network penetration vulnerabilities, where an anonymous Internet user seeks to gain partial or total control of a host. If buffer overflow vulnerabilities could be effectively eliminated, a very large portion of the most serious security threats would be eliminated with them. In this paper, we survey the various types of buffer overflow vulnerabilities and attacks, and survey the various defensive measures that mitigate buffer overflow vulnerabilities, including our own StackGuard method. We then consider which combinations of techniques can eliminate the problem of buffer overflow vulnerabilities while preserving the functionality and performance of existing systems.
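As an added illustration of the StackGuard idea the abstract refers to (example code written for this page, not the paper's own), the C below models a stack frame as a byte array laid out as buffer, canary word, saved return address; the canary value, the frame sizes and the saved return address are constructed for the demonstration, and the "unbounded" copy is clamped at the frame end only so the model stays well-defined.

```c
/* Added example, not the paper's code: a model of the StackGuard canary idea.
 * A frame is laid out [buffer][canary][saved return address]; a contiguous
 * overflow that reaches the return address must overwrite the canary first,
 * so checking it in the function epilogue detects the corruption. */
#include <stdint.h>
#include <string.h>

#define BUF_LEN 16                 /* size of the local buffer */
#define CANARY_OFF BUF_LEN         /* the canary sits right after it */
#define RET_OFF (BUF_LEN + 4)      /* then the saved return address */
#define FRAME_LEN (RET_OFF + 4)

/* Constructed canary value; StackGuard uses a random or terminator canary. */
static const uint32_t CANARY = 0x0a00ff00u;
typedef struct { unsigned char bytes[FRAME_LEN]; } frame_t;

/* Lay out a fresh frame holding the canary and a known return address. */
static void frame_init(frame_t *f, uint32_t saved_ret) {
    memset(f->bytes, 0, FRAME_LEN);
    memcpy(f->bytes + CANARY_OFF, &CANARY, 4);
    memcpy(f->bytes + RET_OFF, &saved_ret, 4);
}

/* Models a strcpy-style copy that ignores BUF_LEN and writes as many bytes
 * as the input has.  It is clamped at the frame end only to keep the model
 * well-defined; a real overflow would keep writing past it. */
static void unchecked_copy(frame_t *f, const unsigned char *src, size_t n) {
    memcpy(f->bytes, src, n > FRAME_LEN ? FRAME_LEN : n);
}

/* The StackGuard check: is the canary still what the prologue stored? */
static int canary_intact(const frame_t *f) {
    return memcmp(f->bytes + CANARY_OFF, &CANARY, 4) == 0;
}

/* Run one input through the modelled frame.  Returns 1 if the canary check
 * fires; *ret_out receives whatever now sits in the return-address slot. */
int overflow_detected(const unsigned char *input, size_t n, uint32_t *ret_out) {
    frame_t f;
    frame_init(&f, 0x08048000u);   /* constructed saved return address */
    unchecked_copy(&f, input, n);
    if (ret_out) memcpy(ret_out, f.bytes + RET_OFF, 4);
    return !canary_intact(&f);
}

int main(void) {                   /* demo: 24 bytes of 'A' into a 16-byte buffer */
    unsigned char a[24]; uint32_t r; memset(a, 'A', sizeof a);
    return overflow_detected(a, sizeof a, &r) ? 0 : 1;  /* 0 = overflow was caught */
}
```

An input that overruns the buffer by only a couple of bytes still trips the check, because the canary sits between the buffer and the return address.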
