How to tackle a buffer overflow attack and avoid vulnerabilities

Buffer overflows seem to be one of the most intractable problems in computer security. Despite the research and learned papers on the subject, buffer overflow attacks seem to be as popular – and as successful – as they ever were.

A buffer overflow can cause chaos and destruction if it is not dealt with at the earliest opportunity, but systems developers seem hard pressed to build in suitable defences against such attacks.

While it may be difficult to prevent buffer overflow attacks altogether, it is still possible to limit the threat, and also contain the damage an exploit can inflict, according to Parvez Anwar and Andreas Fuchsberger.

They have been researching the subject and have produced new insights into the problem and how it can be tackled effectively. Their ideas are outlined in a detailed article, "Buffer Overflows in a Windows Environment" (see below for .pdf), that we are publishing on SearchSecurity.co.uk as part of our 2009 series featuring the best new MSc theses from graduates from the Information Security department of Royal Holloway University of London (RHUL).

The article provides a detailed explanation of how these buffer overflow attacks work in the first place, and then goes on to provide practical help in mitigating the potential damage.

As the authors point out, the threat of the buffer overflow will be with us for many years to come. But they propose several techniques that developers can use to avoid serious damage.

Read Buffer overflows in a Windows environment (.pdf) by Parvez Anwar and Andreas Fuchsberger.

SearchSecurity's association with RHUL began last year when we published 12 articles from RHUL's MSc graduates. These were widely appreciated for their new ideas and relevance to security problems. We believe the 2009 series is equally wide-ranging and thought-provoking.


This was first published in June 2009

 
