DSpace Repository

Detecting possible buffer overflow attacks in C program

Show simple item record

dc.contributor.author Vuong Hoai Nam en_US
dc.date.accessioned 2015-01-12T10:39:59Z
dc.date.available 2015-01-12T10:39:59Z
dc.identifier.other AIT Thesis no.CS-03-12 en_US
dc.identifier.uri http://www.cs.ait.ac.th/xmlui/handle/123456789/283
dc.description Pathum Thani, Thailand : Asian Institute of Technology, 2003 en_US
dc.description 50 p. en_US
dc.description.abstract Buffer overflows are unintentional accesses to memory outside the intended object. In recent years, buffer overflow attacks ha ve become the most prevalent techniques used to hack both remote and local comput er systems. All the reason for such a profound spread of this kind of attack is that many software and operating systems are written in C language. C is inherently unsafe because array and pointer references are not automatically bounds-c hecked. Therefore, it is up to the programmers to do it themselves. Noneth eless, these security holes are often wrongly omitted or checked. In addition to its prevalence, this attack can cause the most serious problem to compromised sy stems. One solution to buffer overflow attacks is to statically detect possible vul nerabilities in C source codes before they are deployed. Much research has been done to solve this problem, however, in a subset of C features, which involves poi nter, array of char, one-dimension array, pointer arithmetic statements, a nd standard C string functions. This thesis will examine the principles of unix/linux buffer overflow vulnerabilities. Then, it will survey the existing static methods of detecting buffer overflows, and propose a better method that accumulates a larger domain of problems involving arrays of pointers. Finally, a prototype is implemented based on the proposed method.
dc.relation.ispartof Thesis no. CS-03-12 en_US
dc.relation.ispartof Asian Institute of Technology. Thesis no. CS-03-12 en_US
dc.subject Buffer storage (Computer science) en_US
dc.subject C (Computer program language) en_US
dc.title Detecting possible buffer overflow attacks in C program en_US
dc.type Thesis en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Advanced Search

Browse

My Account