
Introduction To Computer System Security

This document discusses computer system security and control hijacking attacks. It introduces control hijacking as a cyberattack where an attacker manipulates a program's control flow, often exploiting vulnerabilities like buffer overflows. It then discusses different types of control hijacking attacks such as integer overflow and format string vulnerabilities. The document also covers defenses against control hijacking like platform defenses, runtime defenses, and secure coding practices.

Introduction to Computer System Security

B.Tech (Computer Science and Engineering)


Faculty Name: Professor Dr Pallavi
Topic: Hi-Jacking
Subject: Computer System Security

GALGOTIAS UNIVERSITY | 35000+ Students | 200+ Programs | WWW.GALGOTIASUNIVERSITY.EDU.IN


Unit 1: Computer System Security Introduction
Topic: Hijacking and Defense

CO 1: To discover software bugs that pose cyber security threats and to explain how to fix the bugs to mitigate such threats



CONTROL HIJACKING

Control hijacking is a cybersecurity attack where an attacker manipulates a program's control flow, often exploiting vulnerabilities like buffer overflows. By redirecting the execution to malicious code, the attacker gains unauthorized control, posing a significant threat to the system's integrity. Defense involves robust coding practices and security mechanisms to prevent such exploits.



INTEGER OVERFLOW CONTROL HIJACKING

Integer overflow is a type of control hijacking attack that exploits vulnerabilities related to the handling of integer values in a computer program.

BUFFER OVERFLOW
STACK OVERFLOW
HEAP OVERFLOW
FORMAT STRING OVERFLOW
ARITHMETIC OVERFLOW
SIGNEDNESS ISSUES
POINTER SUBTERFUGE
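Added example, not part of the original slides: the arithmetic overflow and signedness issues listed above, each shown as a weak check next to its hardened form. The function names and the MAX_LEN limit are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_LEN 64 /* constructed limit for this example */

/* Arithmetic overflow: the 32-bit product wraps modulo 2^32, so a huge
   element count can yield a tiny allocation size. */
uint32_t alloc_size_unchecked(uint32_t count, uint32_t elem_size) {
    return count * elem_size;
}

/* Hardened: reject the request before multiplying if it would wrap.
   Returns 0 and stores the size on success, -1 on overflow. */
int alloc_size_checked(uint32_t count, uint32_t elem_size, uint32_t *out) {
    if (elem_size != 0 && count > UINT32_MAX / elem_size)
        return -1;
    *out = count * elem_size;
    return 0;
}

/* Signedness issue: only the upper bound is tested, so a negative
   length is accepted. */
int length_ok_signed_only(int len) {
    return len <= MAX_LEN;
}

/* Hardened: test both bounds before the value is used as a size. */
int length_ok(int len) {
    return len >= 0 && len <= MAX_LEN;
}

/* What a copy routine sees once the accepted int becomes a size_t. */
size_t as_copy_length(int len) {
    return (size_t)len;
}

int main(void) {
    uint32_t size = 0;
    printf("unchecked: %u bytes\n", (unsigned)alloc_size_unchecked(0x40000001u, 4));
    printf("checked:   %d\n", alloc_size_checked(0x40000001u, 4, &size));
    printf("len -1:    weak=%d strict=%d as size_t=%zu\n",
           length_ok_signed_only(-1), length_ok(-1), as_copy_length(-1));
    return 0;
}
```

A buffer sized from the wrapped value, or a copy driven by the converted negative length, is where the out-of-bounds write would occur, which is why both checks belong before the value is used.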



FORMAT STRING VULNERABILITIES

Format string vulnerabilities in control hijacking attacks occur when an attacker manipulates input that is used as a format specifier in a function. By exploiting weak input validation, the attacker can overwrite memory, potentially redirecting control flow. Defenses involve proper input validation and secure coding practices to mitigate these vulnerabilities.
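Added example, not part of the original slides: the secure-coding fix for a format string bug is to pass untrusted text as an argument to a constant format, never as the format itself. The function names are assumptions for this illustration, the vulnerable form is compiled only when SHOW_VULNERABLE is defined, and the sample inputs are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hardened: the format is the constant "%s", so any '%' in the untrusted
   text is copied to the output as an ordinary character. */
int render_safe(char *out, size_t n, const char *untrusted) {
    return snprintf(out, n, "%s", untrusted);
}

#ifdef SHOW_VULNERABLE
/* Vulnerable form, for comparison only: the untrusted text IS the format,
   so directives in it are interpreted against arguments that do not exist. */
int render_vulnerable(char *out, size_t n, const char *untrusted) {
    return snprintf(out, n, untrusted);
}
#endif

/* Input validation aid: count conversion directives in a string.
   "%%" is a literal percent sign and is not counted. */
size_t count_directives(const char *s) {
    size_t count = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { /* escaped percent: skip both characters */
            s++;
            continue;
        }
        count++;
    }
    return count;
}

int main(void) {
    /* Constructed sample inputs. */
    const char *samples[] = {"hello", "100%% done", "%x.%x.%n"};
    char out[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        render_safe(out, sizeof out, samples[i]);
        printf("%-12s directives=%zu\n", out, count_directives(samples[i]));
    }
    return 0;
}
```

Compilers can flag the vulnerable pattern at build time; with GCC or Clang, -Wformat -Wformat-security warns when a non-literal string is passed as the format with no arguments.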



DEFENSE AGAINST CONTROL HIJACKING
PLATFORM DEFENCE

Platform defenses against control hijacking attacks focus on mitigating vulnerabilities and minimizing the impact of successful attacks.

ADDRESS SPACE LAYOUT RANDOMIZATION (ASLR)
DATA EXECUTION PREVENTION (DEP)
CONTROL FLOW INTEGRITY (CFI)



RUN TIME DEFENCE

Runtime defenses in control hijacking aim to detect and prevent malicious activities during program execution.

STACK CANARIES
RUNTIME CHECKS
MEMORY PROTECTION



INTEGER OVERFLOW CONTROL HIJACKING

Integer overflow is a type of control hijacking attack that exploits vulnerabilities related to the handling of integer values in a computer program.

RETURN-ORIENTED PROGRAMMING (ROP)
JUMP-ORIENTED PROGRAMMING (JOP)
DATA-ORIENTED EXPLOITS
USE OF POLYMORPHIC SHELLCODE
HEAP SPRAYING
ZERO-DAY EXPLOITS

Summary
In this dive into computer system security, we're essentially exploring the nuts and bolts of safeguarding our digital realm. We kick things off by defining what computer security is and laying down the basics of what we need to grasp in this field. The real-world threats take center stage as we walk through sample attacks, giving us a peek into the various tactics used by not-so-friendly players in the digital arena.

There's even a mention of a 'marketplace for vulnerabilities,' highlighting the fact that digital threats are constantly evolving. Then, we zoom in on control hijacking, breaking down its different attacks like integer overflow and format string vulnerabilities. But fear not, we're not left defenseless! The discussion takes a positive turn, exploring defense strategies against control hijacking, covering both platform and run-time defenses.

And just when you think you've got the hang of it, we touch on advanced control hijacking attacks, leaving us with a solid understanding of the core elements in computer system security. As a bonus, there's a hint of intrigue with the mention of "Error 404 Hacking Digital India Part 1 Chase," suggesting a more hands-on exploration of hacking in the context of Digital India.



Do you have any questions?



THANK YOU

Computer System Security By Pallavi Mam
