Research Article
Buffer Overflow Attack – Vulnerability in Stack
|
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
|
| Volume 13 - Issue 5 |
| Published: January 2011 |
| Authors: P.Vadivel Murugan, Dr.K.Alagarsamy |
10.5120/1780-2455
|
P.Vadivel Murugan, Dr.K.Alagarsamy . Buffer Overflow Attack – Vulnerability in Stack. International Journal of Computer Applications. 13, 5 (January 2011), 1-2. DOI=10.5120/1780-2455
@article{ 10.5120/1780-2455,
author = { P.Vadivel Murugan,Dr.K.Alagarsamy },
title = { Buffer Overflow Attack – Vulnerability in Stack },
journal = { International Journal of Computer Applications },
year = { 2011 },
volume = { 13 },
number = { 5 },
pages = { 1-2 },
doi = { 10.5120/1780-2455 },
publisher = { Foundation of Computer Science (FCS), NY, USA }
}
%0 Journal Article
%D 2011
%A P.Vadivel Murugan
%A Dr.K.Alagarsamy
%T Buffer Overflow Attack – Vulnerability in Stack%T
%J International Journal of Computer Applications
%V 13
%N 5
%P 1-2
%R 10.5120/1780-2455
%I Foundation of Computer Science (FCS), NY, USA
Abstract
Most of the vulnerability based on buffer overflows aim at forcing the execution of malicious code, mainly in order to give a root shell to the user. The malicious instructions are stored in a buffer, which is overflowed to allow an unexpected use of the process, by changing various memory sections.
References
- Buffer Overflow Attacks on Linux Principles Analyzing and Protection Zhimin Gu Jiandong Yao Jun Qin Department of Computer Science, Beijing Institute of Technology (Beijing 100081)
- Computer emergency response team (cert).http://www.cert.org.The Meta sploit project. http:// www. metasploit. com
- RamKumar ChincChani and Eric Van Den Berg. A fast staticanalysis approach to detect exploit code inside network flows.In RAID, 2005.
- C. Kruegel, E. KirDa, D. Mutz, W. Robertson, and G. Vigna.Polymorphic worm detection using structural information ofexecutables. In RAID, 2005.
- Michalis Polychranakis, Kostas G. Anagnostakis, andEvangelos P. Markatos. Network Level Polymorphic Shellcode Detection using Emulation. DIMVA , 2006.
- XinRan Wang, ChiChun Pan, Peng Liu, and Sencun Zhu. Sig free: A signature Free Buffer Overflow Attack Blocker. In 15 th Use nix Security Symposium, July 2006.
- Navjot Singh Libsafe: Protecting CriticalElement of Stacks White Paper December25, 1999Litchfield, D. (1999).
- Exploiting Windows NT for Buffer Overruns. Posted to Bugtraq mailing list in May1999. http://www.infowar.co.uk/mnemonix/ntbufferoverruns.htm.Mudge. (1995). How to write Buffer Overflows. http:// l0pht. com/ advisories/bufero.html
- Smith, N.P. (1997). Stack smashing vulnerabilities in the UNIX operating system. Southern Connecticut State University. http:// destroy.net/ machines/ security/
- Summerfield, B. (1997) Re: Smashing the stack. From the Bugtraq mailing list. www. securityfocus. com / templates/ archive.pike 1997-01-21
- Spafford, E. H. (1988) The internet worm program: An analysis. ACM Computer Communication Review; 19(1), pp. 17-57. tp://www.cs.purdue.edu/homes/ spaf/techreps/823.ps.
- S. Alexander. Defeating compiler level buffer overflow protection. The USENIX Magazine, 30(3), June 2005.
- S. Nanda and T.C. Chiueh. Foreign code detection for Windows/X86 binaries. ECSL Technical report TR- 190, Computer Science Department,Stony Brook University, 2005.
- M. Rinard, C. Cadar, D. Roy, and D. Dumitran. A dynamic technique for eliminating buffer overflows vulnerabilities (and other memory errors). In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC), December 2004.
- Z. Liang, R. Sekar, and D.DuVarney. Automatic synthesis of filters to discard buffer overflow attacks: A step towards realizing self healing systems. In USENIX Annual Technical Conference, 2005.
Index Terms
Keywords