A Comparison of Buffer Overflow Prevention Implementations and Weaknesses

Presented at DEF CON 12 (2004), July 30, 2004, 1 p.m. (50 minutes).

Buffer overflows are historically the most commonly exploited software vulnerability in the security world. The last year has seen effective automated attacks such as the MS Blaster worm and SQL Slammer worms. Due to the rapid growth of worm technology and readily available automated worm generation tools, the need for buffer overflow protection software has dramatically increased.


Presenters:

  • Richard Johnson - Senior Security Engineer, iDEFENSE
    Richard Johnson is a Senior Security Engineer at iDEFENSE. He works in the iDEFENSE Labs where he is responsible for conducting vulnerability research, malicious code analysis, and developing reverse code engineering tools and methodologies. Areas of interest include run-time process modification, live kernel patching, embedded systems reverse engineering, and seeing how much beer a man can drink in an evening. With three years professional vulnerability research experience, and many more as a hobbyist, he is considered a valuable resource with a wide breadth of knowledge at iDEFENSE Labs.
  • Peter Silberman - Security Engineer, iDEFENSE
    Peter Silberman is a Security Engineer at iDEFENSE. Peter works in the iDEFENSE labs where he conducts vulnerability research in between going to high school. He is especially interested in advanced exploitation of the win32 platform, buffer overflow protection methods, and windows forensic analysis. Peter has been a professional vulnerability researcher for a year, and has spent two or three years as an independent researcher.

Similar Presentations: