---
title: The Attack and defense of computers listen 4 (10/7)
---

Computer Attack and Defense
===

###### tags: `電腦攻防` `Note`

- [Course information](https://hackmd.io/@Onebone/SkDTwUeBP/https%3A%2F%2Fhackmd.io%2F_tge1tPkTau8DDkZcIcMzg)
- [Question system](https://tlk.io/ncu-security-2020)
- [Note L3 09/30](https://hackmd.io/ccBcyk9FTZKFk_Wt_Oc92g)
- [Note L5 10/14](https://hackmd.io/jATu88OPTXCprMzFjBtf0g)

# Web Activity Monitor

- Spyware behavior, such as reporting on websites the user visits, frequently accompanies the display of advertisements.
- Monitoring web activity aims at building up a marketing profile of users in order to sell "targeted" advertisement impressions.

# Other Victims of Spyware

- The prevalence of spyware has cast suspicion upon other programs that track Web browsing, even for statistical or research purposes.
- Some observers describe the **Alexa Toolbar**, an Internet Explorer extension published by Amazon.com

# Routes of Infection

- Spyware does not directly spread in the manner of a computer virus or worm:
  - generally, an infected system does not attempt to transmit the infection to other computers.
- Instead, spyware gets on a system
  - through deception of the user
  - through exploitation of software vulnerabilities.

# Masquerade

- One way of distributing spyware involves tricking users by manipulating security features designed to prevent unwanted installations.

> A pop-up window appears to trick you into running a program.

# Worm

- Worms spread themselves by proactively attacking programs with a specific vulnerability.
- The most frequently used attack approaches include buffer overflow attacks, format string attacks, integer overflow attacks, and so on.
- e.g.
  - Morris Worm, 1988
  - Code Red, Slammer.

# Attacking Program Bugs

- Type
  - Buffer Overflow Attacks
    - Return-Oriented Programming (ROP)
    - Jump-Oriented Programming (JOP)
    - etc
  - Format string attacks
  - Integer overflow and integer sign attacks

## Buffer Overflow Attacks

- Easy to launch
- Plenty of targets
- Cause great damage
- **Internet worms** proliferate through buffer overflow attacks

# Stack Smashing Attacks

- Overwrite control transfer structures, such as **return addresses** or **function pointers**, to redirect program execution flow to the desired code.
- Attack strings carry both **code** and **address(es)** of the code entry point.
- A Linux Process Layout and Stack Operations

  ![](https://i.imgur.com/R2I78m4.png)

## Protection

### Stack canaries

### Non-executable Stack
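
The overwrite of a saved return address described under Stack Smashing Attacks, and the check a stack canary adds before a function returns, as an added example that is not part of the original notes. It is a simulation: the `struct frame` layout, the `CANARY` and `RET_ADDR` values, and the function names are constructed for illustration and do not reflect a real ABI layout.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define BUF_LEN  16
#define CANARY   0x00a5c3f1e2d4b600ULL   /* constructed; real canaries are random */
#define RET_ADDR 0x0000000000401136ULL   /* constructed placeholder address */
enum { FRAME_OK = 0, FRAME_SMASHED = 1 };

/* Constructed model of one frame, low to high address; not a real ABI layout. */
struct frame {
    char     buf[BUF_LEN];   /* local buffer */
    uint64_t canary;         /* guard word placed by the function prologue */
    uint64_t ret_addr;       /* saved return address */
};

/* Unchecked copy (strcpy/gets style): the input length alone decides how far we write. */
static void copy_unchecked(struct frame *f, const unsigned char *in, size_t n) {
    if (n > sizeof *f) n = sizeof *f;      /* keep the simulation inside the model */
    memcpy((unsigned char *)f, in, n);     /* runs from buf into canary and ret_addr */
}

/* Bounded copy: clamps to the buffer size, so the neighbours are never touched. */
static void copy_bounded(struct frame *f, const unsigned char *in, size_t n) {
    if (n > BUF_LEN) n = BUF_LEN;
    memcpy(f->buf, in, n);
}

/* One simulated call: returns the epilogue's canary verdict, sets *ret_changed. */
int simulate(size_t input_len, int bounded, int *ret_changed) {
    struct frame f = { {0}, CANARY, RET_ADDR };
    unsigned char in[sizeof f];
    memset(in, 'A', sizeof in);            /* constructed filler input */
    if (input_len > sizeof in) input_len = sizeof in;
    if (bounded) copy_bounded(&f, in, input_len);
    else         copy_unchecked(&f, in, input_len);
    *ret_changed = (f.ret_addr != RET_ADDR);
    return f.canary == CANARY ? FRAME_OK : FRAME_SMASHED;
}

int main(void) {
    size_t lens[] = { 16, 20, 32 };
    for (int b = 0; b <= 1; b++)
        for (size_t i = 0; i < 3; i++) {
            int changed, v = simulate(lens[i], b, &changed);
            printf("%s len=%zu canary=%s ret_changed=%d\n", b ? "bounded  " : "unchecked",
                   lens[i], v == FRAME_OK ? "ok" : "SMASHED", changed);
        }
    return 0;
}
```

The 20-byte case shows why the canary sits between the buffer and the return address: the guard word is corrupted before the return address is reached, so the check fails before the function would return.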