Research On Buffer Overflow Attack And Defense

Buffer overflow came into existence since the advent of Von Neumann Organization. It has been notorious due to the Morris Worm in 1988. Unfortunately, threads based on buffer overflow vulnerabilities have been exposed continuously until now. According to the statistics from CVE, there were approximately 70 kinds vulnerabilities which suffered from buffer overflow among all 800 vulnerabilities discovered from the beginning of 2009. Thus, the attacks based on the old technique still require attentions and research on buffer overflow hold much significance at present.Based on the previous research and findings at home and abroad, this paper presents the research regarding different techniques and methods used for buffer overflow attacks, as well as the Countermeasures taken to prevent and suppress those attacks. Consequently, the principle and framework for developing safe and robust programs are proposed. The aim is to discuss the attack and defense methods and techniques against buffer overflow comprehensively, further the understanding about buffer overflow for security researchers and developers and enhance their awareness of security. The research in this paper includes:1. Briefly introduce the buffer overflow vulnerability history and current progress of research and findings regarding it.2. Explore the methods and techniques of attacks based on buffer overflow vulnerabilities in Windows platform in detail, including stack overflow and heap overflow.3. According to different attacks methods and techniques, relevant Countermeasures are given.4. Based on the discussion and exploration above, the principles and frameworks during the life-cycle of software development are proposed finally in this paper. These principles cover the sources development phase, compilation phase and configuration phase. In sources development phase, avoid to use unsafe functions; during the compilation phase, leverage the current tools to perform static or dynamic check, further eliminate the potential vulnerabilities; finally strengthen the system security through valid and reasonable settings at configuration stage.