Arbitrary Copy: Bypassing Buffer-Overflow Protections

Author

Piromsopa, Krerk ; Enbody, Richard J.

Author_Institution

Dept. of Comput. Sci. & Eng., Michigan State Univ.

fYear

2006

fDate

7-10 May 2006

Firstpage

580

Lastpage

584

Abstract

Recent advances in buffer-overflow protection are able to eliminate several common types of buffer-overflow attacks (e.g. stack smashing, jump table). In this paper, we introduce arbitrary copy, a type of buffer-overflow attack that is capable of bypassing most buffer-overflow solutions. By overflowing both source and destination pointers of any string copy (or similar) function, arbitrary copy is able to utilize a useful local address for attacking a system. This method can bypass even the most promising buffer-overflow protection that enforces the integrity of address such as secure bit (Piromsopa and Enbody, 2006) and MINOS (Crandal and Chong, 2004). Later, we analyze conditions necessary for the success of this attack. Though satisfying all necessary conditions for this attack should be difficult, our conclusion is that it is a potential threat and requires consideration

Keywords

buffer circuits; security of data; MINOS; arbitrary copy; buffer-overflow attacks; buffer-overflow protections; computer security; destination pointers; intrusion detection; intrusion prevention; local address; secure bit; source pointers; Buffer overflow; Computer bugs; Computer science; Computer security; Computer worms; Computerized monitoring; Intrusion detection; Operating systems; Programming profession; Protection; Buffer overflow; Buffer-Overflow Attacks; Computer security; Intrusion Detection; Intrusion Prevention;

fLanguage

English

Publisher

ieee

Conference_Titel

Electro/information Technology, 2006 IEEE International Conference on

Conference_Location

East Lansing, MI

Print_ISBN

0-7803-9592-1

Electronic_ISBN

0-7803-9593-X

Type

conf

DOI

10.1109/EIT.2006.252213

Filename

4017770