1 \documentclass{article} |
1 \documentclass{article} |
2 \usepackage{../style} |
2 \usepackage{../style} |
3 \usepackage{../langs} |
3 \usepackage{../langs} |
|
4 \usepackage{../graphics} |
|
5 \usepackage{../data} |
4 \usetikzlibrary{patterns,decorations.pathreplacing} |
6 \usetikzlibrary{patterns,decorations.pathreplacing} |
5 |
7 |
6 \begin{document} |
8 \begin{document} |
7 |
9 |
8 \section*{Handout 3 (Buffer Overflow Attacks)} |
10 \section*{Handout 3 (Buffer Overflow Attacks)} |
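Review bot: The two added preamble lines, \usepackage{../graphics} and \usepackage{../data}, have no comment saying what each one supplies, and the only visible consumers are the pgfplots axis and the bufferoverflows.data table further down. A one-line comment beside each \usepackage would document the dependency. Please also confirm that \usetikzlibrary still comes after whichever package loads TikZ now that the load order has changed.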
9 |
|
10 \begin{center} |
|
11 \begin{tikzpicture} |
|
12 \begin{axis}[xlabel={\pcode{a}s},ylabel={time in secs}, |
|
13 enlargelimits=false, |
|
14 xtick={0,5,...,30}, |
|
15 xmax=30, |
|
16 ymax=35, |
|
17 ytick={0,5,...,30}, |
|
18 scaled ticks=false, |
|
19 axis lines=left, |
|
20 width=5cm, |
|
21 height=5cm, |
|
22 legend entries={Python,Ruby}, |
|
23 legend pos=north west, |
|
24 legend cell align=left] |
|
25 \addplot[blue,mark=*, mark options={fill=white}] |
|
26 table {re-python.data}; |
|
27 \addplot[brown,mark=pentagon*, mark options={fill=white}] |
|
28 table {re-ruby.data}; |
|
29 \end{axis} |
|
30 \end{tikzpicture} |
|
31 \end{center} |
|
32 |
11 |
33 By far the most popular attack method on computers are buffer |
12 By far the most popular attack method on computers are buffer |
34 overflow attacks or variations thereof. The first Internet |
13 overflow attacks or variations thereof. The first Internet |
35 worm (Morris) exploited exactly such an attack. The popularity |
14 worm (Morris) exploited exactly such an attack. The popularity |
36 is unfortunate because we nowadays have technology in place to |
15 is unfortunate because we nowadays have technology in place to |
37 prevent them effectively. But these kind of attacks are still |
16 prevent them effectively. But these kind of attacks are still |
38 very relevant even today since there are many legacy systems |
17 very relevant even today since there are many legacy systems |
39 out there and also many modern embedded systems often do not |
18 out there and also many modern embedded systems often do not |
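Review bot: The removed figure (old lines 10 to 31) is the only visible reader of re-python.data and re-ruby.data. If nothing else built from this directory reads those two files, delete them in the same commit so the data on disk matches what the handout uses. The removal itself fits the handout, since a regex timing plot with an axis of \pcode{a}s has no connection to buffer overflows.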
40 take any precautions to prevent such attacks. |
19 take any precautions to prevent such attacks. The plot below shows |
|
20 the percentage of buffer overflow attacks w.r.t.~all attacks. |
|
21 The data is taken from the US National Vulnerability Database. |
|
22 |
|
23 \begin{center} |
|
24 \begin{tikzpicture} |
|
25 \begin{axis}[ |
|
26 xlabel={year}, |
|
27 ylabel={\% of total attacks}, |
|
28 enlargelimits=false, |
|
29 xtick={1997,1999,...,2014}, |
|
30 xmax=2015, |
|
31 ymax=20, |
|
32 ytick={0,2,...,20}, |
|
33 scaled ticks=false, |
|
34 axis lines=left, |
|
35 width=9cm, |
|
36 height=5cm, |
|
37 ybar, |
|
38 x tick label style={font=\footnotesize}] |
|
39 \addplot |
|
40 table [x=Year,y=Percentage] {bufferoverflows.data}; |
|
41 \end{axis} |
|
42 \end{tikzpicture} |
|
43 \end{center} |
|
44 |
41 |
45 |
42 To understand how buffer overflow attacks work, we have to have |
46 To understand how buffer overflow attacks work, we have to have |
43 a look at how computers work ``under the hood'' (on the |
47 a look at how computers work ``under the hood'' (on the |
44 machine level) and also understand some aspects of the C/C++ |
48 machine level) and also understand some aspects of the C/C++ |
45 programming language. This might not be everyday fare for |
49 programming language. This might not be everyday fare for |
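Review bot: The added sentence and the axis label ylabel={\% of total attacks} describe the bars as a share of attacks, but the source named in the text, the US National Vulnerability Database, catalogues reported vulnerabilities rather than attacks. Suggest wording both as a percentage of vulnerability entries, for example ylabel={\% of all vulnerabilities}, and adjusting "w.r.t.~all attacks" to match. Separately, the axis combines ybar with enlargelimits=false and sets xmax=2015 but no xmin, so the first bar sits on the left axis boundary and may be clipped. An explicit xmin or an enlarge x limits setting would avoid that.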