Defense against buffer overflow attack by software design diversity

Author

Kunal Metkar, University of Nevada, Las Vegas

Award Date

1-1-2007

Degree Type

Thesis

Degree Name

Master of Science (MS)

Department

Computer Science

First Committee Member

Yoohwan Kim

Number of Pages

66

Abstract

A buffer overflow occurs during program execution when a fixed-size buffer has had too much data copied into it. This causes the data to overwrite into adjacent memory locations, and, depending on what is stored there, the behavior of the program itself might be affected; Attackers can select the value to place in the location in order to redirect execution to the location of their choice. If it contains machine code, the attacker causes the program to execute any arbitrary set of instructions---essentially taking control of the process. Successfully modifying the function return address allows the attacker to execute instructions with the same privileges as that of the attacked program; In this thesis, we propose to design software with multiple variants of the modules/functions. It can provide strong defense against the buffer overflow attack. A way can be provided to select a particular variant (implementation) of the module randomly when software is executed. This proves to be useful when an attacker designs the attack for a particular variant/implementation which may not be chosen in the random selection process during execution. It would be much difficult for the attacker to design an attack because of the different memory (stack-frame) layout the software could have every time it is executed.

Keywords

Attack; Buffer; Defense; Design; Diversity; Overflow; Software

Controlled Subject

Computer science

File Format

pdf

File Size

1679.36 KB

Degree Grantor

University of Nevada, Las Vegas

Language

English

Permissions

If you are the rightful copyright holder of this dissertation or thesis and wish to have the full text removed from Digital Scholarship@UNLV, please submit a request to digitalscholarship@unlv.edu and include clear identification of the work, preferably with URL.

Repository Citation

Metkar, Kunal, "Defense against buffer overflow attack by software design diversity" (2007). UNLV Retrospective Theses & Dissertations. 2249.
http://dx.doi.org/10.25669/ut94-6zdw

Rights

IN COPYRIGHT. For more information about this rights statement, please visit http://rightsstatements.org/vocab/InC/1.0/