Evolving Successful Stack Overflow Attacks for Vulnerability Testing

Gunes Kayacik
Dalhousie University
Canada

Malcolm Heywood
Dalhousie University
Canada

Nur Zincir-Heywood
Dalhousie University
Canada

The work presented in this paper is intended to test crucial system services against stack overflow vulnerabilities. The focus of the test is the user-accessible variables, which take inputs from the user (from the command line or a configuration file). The tester needs a set of tools that can generate a wide variety of malicious buffers to feed to the user-accessible variables. In this work, the search for successful exploits is formulated as an optimization problem and solved using evolutionary computation. Moreover, the resulting attacks are passed through the Snort misuse detection system to observe the detection of each attack.

Keywords: Intrusion detection, attack generation, buffer overflow attacks
