Background Control Flow Hijack Soltware Security Background Contol Flow Hijack Occurs when an attacker gains control of Carnial Fis Hyck Delinie Cattary Codenas the instruction pointer s0au时 SOianT weianat DnG A few common hijack methods Puymnishie Cinin buffer overflows Data Execution Prevention heap overflow Dutidan format string attacks ASLR ASLR Credit:a portion of the slides in this lecture are compiled from Dr.David Brumley and also from book CSAPP Nanjng Uivarsty57 Software Security Background 3 Control Flow Hijack Control Flow Hijack Defense Canary Defense StackGuard StackGuard Weakness DiffGuard Polymorphic Canary Data Execution Prevention Definition DEP Scorecard Return-to-libc Attack ASLR ASLR Randomization ASLR Dept. of Computer Science, Nanjing University Background Control Flow Hijack