Title :
Buffer overflows: attacks and defenses for the vulnerability of the decade
Author :
Cowan, Crispin ; Wagle, Perry ; Pu, Calton ; Beattie, Steve ; Walpole, Jonathan
Author_Institution :
Dept. of Comput. Sci. & Eng., Oregon Graduate Inst. of Sci. & Technol., Beaverton, OR, USA
fDate :
6/22/1905 12:00:00 AM
Abstract :
Buffer overflows have been the most common form of security vulnerability for the last ten years. Moreover, buffer overflow vulnerabilities dominate the area of remote network penetration vulnerabilities, where an anonymous Internet user seeks to gain partial or total control of a host. If buffer overflow vulnerabilities could be effectively eliminated, a very large portion of the most serious security threats would also be eliminated. We survey the various types of buffer overflow vulnerabilities and attacks and survey the various defensive measures that mitigate buffer overflow vulnerabilities, including our own StackGuard method. We then consider which combinations of techniques can eliminate the problem of buffer overflow vulnerabilities, while preserving the functionality and performance of existing systems
Keywords :
Internet; security of data; telecommunication security; StackGuard method; anonymous Internet user; buffer overflows; remote network penetration vulnerabilities; security threats; security vulnerability; system attacks; system defenses; systems performance; Buffer overflow; Computer science; Computer security; IP networks; Intrusion detection; Registers;
Conference_Titel :
DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings
Conference_Location :
Hilton Head, SC
Print_ISBN :
0-7695-0490-6
DOI :
10.1109/DISCEX.2000.821514
