MIT 6 857 - Lecture Slides - D1992014

Home> Schools> Massachusetts Institute of Technology> Electrical Engineering and Computer Science (6) > 6 857> Lecture Slides

MIT 6 857 - Lecture Slides

School name Massachusetts Institute of Technology

Course 6 857- Network and Computer Security

Pages 67

Download Save

Unformatted text preview:

Slide 1Slide 2Slide 3Slide 4Slide 5Slide 6Slide 7Slide 8Slide 9Slide 10Slide 11Slide 12Slide 13Slide 14Slide 15Slide 16Slide 17Slide 18Slide 19Slide 20Slide 21Slide 22Slide 23Slide 24Slide 25Slide 26Slide 27Slide 28Slide 29Slide 30Slide 31Slide 32Slide 33Slide 34Slide 35Slide 36Slide 37Slide 38Slide 39Slide 40Slide 41Slide 42Slide 43Slide 44Slide 45Slide 46Slide 47Slide 48Slide 49Slide 50Slide 51Slide 52Slide 53Slide 54Slide 55Slide 56Slide 57Slide 58Slide 59Slide 60Slide 61Slide 62Slide 63Slide 64Slide 65Slide 66Slide 67Buffer Overflow Attacks 1Basic Idea Sample Attacks Protection Basic Idea Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityHistory 2Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network Security1960s 1970s 1990s Today1980sVulnerability exploited on time-share machinesAttacks on early networkedmachinesMorris Worm usesbuffer overflow intaking down significantportion of the InternetBuffer overflow attacks become(arguably) the most pressingsecurity concerns facing the web(e..g., in 1998, 2/3 of CERT advisorieswere buffer overflow related)The problem persists(e.g., IE VML advisory fromtwo months ago).Memory Layout 3Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow AddressesMemory Layout 4Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}Memory Layout 5Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espMemory Layout 6Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfpMemory Layout 7Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfp2Memory Layout 8Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfp21Memory Layout 9Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfp21retMemory Layout 10Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfp21retsfpMemory Layout 11Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfp21retsfpMemory Layout 12Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfp21retsfpMemory Layout 13Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10];}void main() {func(1,2);}pushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %esppushl $2pushl $1call func…pushl %ebpmovl %esp, %ebpsubl $24, %espspfp21retsfpbufferMemory Layout 14Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10]; strcpy(buffer, bigstr);}spfp21retsfpbufferMemory Layout 15Basic IdeaBasic Idea Sample Attacks Protection Sample Attacks Protection 6.8576.8576.857, Computer & Network SecurityTextDataHeapStackHigh AddressesLow Addressesvoid func(int a, int b) {char buffer[10]; strcpy(buffer, bigstr);}spfp21retsfpbigstrSample Attacks 16Basic Idea Basic Idea Sample AttacksSample Attacks Protection Protection 6.8576.8576.857, Computer & Network Security

View Full Document


School:
Email:
New Password:
Confirm Password:

MIT 6 857 - Lecture Slides

Sign up for free to view:

Please select your school