SecPapers
iDEFENSE Labs Whitepaper - "A Comparison of Buffer OverflowPrevention Implementations and Weaknesses" Aug 04 2004 06:14PM
idlabs-papers idefense com
iDEFENSE Labs recently produced a technical whitepaper entitled, "A
Comparison of Buffer Overflow Prevention Implementations and
Weaknesses". This paper is the result of several months of diligent
research and was presented at the Black Hat USA 2004 and Defcon 12
computer security conferences.

Abstract:

In the world of information security, buffer overflows remain the
leading cause of software vulnerabilities. In recent years, the industry
has seen an elevated rate of exploitation of these vulnerabilities due
to readily available worm-generation software and mass-exploitation
toolkits. This increasing exposure to buffer overflow attacks requires a
technological solution that applies a protective layer against automated
exploitation attempts.

This paper will examine two approaches to applying a generic protection
against buffer overflow attacks and critique the effectiveness of
available buffer overflow protection mechanisms on Linux and Microsoft
Windows platforms. An analysis of each technology will explain the
methods by which a protection mechanism has been implemented and the
technology's effectiveness in defending against both automated and
targeted attacks, which specifically try to circumvent that specific
protection method. Finally, a matrix will be presented that will define
each technology's ability to protect against multiple classes of buffer
overflow attacks including format strings, stack overflows and heap
overflows.

The paper is available for download at:

http://www.idefense.com/application/poi/researchreports/display

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus