Defenses: Discuss the following defenses with a partner or in a group, then share your opinions with the class. Would the defenses work? Would they work for all or just some exploits (inputs that trigger buffer overflow) and some types of buffer overflows?
Secure code: Use secure coding techniques, such as secure functions (e.g., strncpy instead of strcpy) or higher-level languages.
Randomize address space: This makes it hard for the attacker to divert control flow to a given piece of system code, because they would need to overwrite the return address on the stack with the address of that code, and that address is no longer predictable.
Canary: Insert some value (unknown to the public) on the stack before the return address. If that value has changed, do not jump to the return address.
Input analysis: Analyze each input to each application to see if it is benign or malicious.
Save the return address in a special register: It is no longer stored on the stack.
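
For the "Secure code" defense above, an added example (not part of the original exercise) to inform the discussion: strncpy bounds the write, but it does not NUL-terminate the destination when the input is too long, so the replacement needs one extra step. The names copy_bounded, strncpy_leaves_unterminated and NAME_LEN, and the sample inputs, are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8  /* constructed buffer size for this example */

/* Bounded copy that always NUL-terminates the destination.
   Returns 0 if src fit completely, 1 if it had to be truncated. */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst_size == 0)
        return 1;
    strncpy(dst, src, dst_size - 1);  /* writes at most dst_size - 1 bytes */
    dst[dst_size - 1] = '\0';         /* strncpy skips this on truncation */
    return strlen(src) >= dst_size;
}

/* Shows the strncpy pitfall: if src has n or more bytes, no terminator
   is written. Returns 1 if the buffer holds no NUL within its n bytes. */
int strncpy_leaves_unterminated(const char *src)
{
    char buf[NAME_LEN];
    memset(buf, 'X', sizeof buf);     /* simulate stale stack contents */
    strncpy(buf, src, sizeof buf);    /* bounded, but maybe unterminated */
    return memchr(buf, '\0', sizeof buf) == NULL;
}

int main(void)
{
    char name[NAME_LEN];
    const char *long_input = "AAAAAAAAAAAAAAAA";  /* constructed, 16 bytes */

    printf("raw strncpy unterminated: %d\n",
           strncpy_leaves_unterminated(long_input));
    int truncated = copy_bounded(name, sizeof name, long_input);
    printf("copy_bounded -> \"%s\" (truncated=%d)\n", name, truncated);
    return 0;
}
```

The write never leaves the buffer in either function, but only copy_bounded leaves a string that later reads (strlen, printf) can safely walk, and it reports truncation so the caller can reject the input.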