As intrusion attacks on systems become more and more complex, the tools trying to stop these attacks must follow. This thesis has developed a testbed to test and evaluated three freely available protection tools for the GNU/Linux platform to see how they fare against attacks.
Contents
1 Introduction
1.1 Problem Statement
1.2 Goal and Intended Audience
1.3 Terminology and conventions
1.4 Assumptions and shortcomings
1.5 System layout
2 Attack Methods
2.1 Changing the Flow of Control
2.2 Memory Layout in UNIX
2.3 Buffer Overflow Attacks
2.4 Technique
2.5 Location
2.6 Attack Targets
2.6.1 Return Address
2.6.2 Old Base Pointer
2.6.3 Function Pointers
2.6.4 Longjmp Buffer
2.6.5 Virtual Pointer
2.6.6 Malloc/Free
2.6.7 .dtors
2.7 Vulnerable Functions Used
2.7.1 Attack code
2.8 NOP Sleds
2.9 Additional Variations
2.9.1 Attack Code
2.9.2 Exception Handler
2.9.3 Vulnerable Buffers
2.9.4 GOT
3 Overflow Protection Tools
3.1 CRED
3.2 LibsafePlus, TIED
3.3 Stack-Smashing Protector (ProPolice)
4 Implementation
4.1 Main Attack Program
4.2 Front-end
4.3 Building the testbed
5 Empirical Test of Tools
5.1 No Protection
5.2 CRED
5.3 LibsafePlus and TIED
5.4 Stack-Smashing Protector
6 Conclusions…..
………………..
Author: Viking, Pontus
Source: Linköping University
Download URL 2: Visit Now
Keywords: Projects, Dissertation, Thesis, Project Reports