Memory-based attacks are attacks we don’t hear a lot about anymore, nowadays. Back in the 80’s and 90’s, this method was used a lot, with attacks such as the Morris Worm paving the way for future attacks of this kind. In this series, we will be exploring, understanding and learning about attacks utilizing memory in digital devices. And hopefully, leave you with a better understanding of how these work.
Memory-based attacks can entail a lot of different things. And we should probably look at it like an umbrella term, of sorts. We can, for example, alter the memory stored by a program and it would count as a memory-based attack. But we can also alter the flow of a program by injecting data, which we can see with buffer overflow attacks. We don’t have the time to dive into every single one of these attacks, of course. But instead, we will focus on a few subjects to make sure that everything remains digestible without overloading you with information.
In this series, we will answer a handful of questions, namely:
- “What are the most common memory-based attacks and how can we identify these?”
- “How do these attacks work and how are they performed?”
- “How effective are the prevention methods that exist today?”
- “How do different environments, such as OS, change the chance an attack succeeds?”
Every question will receive its own post, going into detail on them, one by one. This way, we can make sure you digest every piece of information without feeling overloaded with information. And along the way, I will make sure to provide follow-along code posts, so that you can experiment with these subjects on your own accord, as well!
If you want to follow along with the demos, please make sure to have a way to access Windows and Linux environments. Any additional software necessary will be mentioned in the corresponding posts!
If you need access to a Linux environment but only have a windows machine, I recommend setting up WSL for Windows. Then you can set up a Debian installation, or Ubuntu, for ease of use.
I hope you enjoy the read and please, stay tuned for the posts to come!