User Tools

Site Tools


malware_floating-point

Malware and Floating-Point

This lecture covers two topics: malicious software and the representation / processing of real numbers.

Outline

  • Self-modifying code
  • Buffer overrun on the stack and its exploitation. The key idea is to overwrite the return address pushed on the stack. This way, when the method returns, it does not return to the caller but to the location specified by that address. That location has the malicious code.
  • The IEEE 754 standard for representing real numbers in two formats, single (32-bit) and double (64-bit) precision.
  • The floating-point instructions.

Big Ideas

  • Software vulnerabilities and their exploitation
  • The range-precision trade-off in real numbers
  • Round-off: an ever present loss of precision in any code that deals with real numbers

To Do

  • Go over the files, SMC1, SMC2, and IEEE in the Resource Directory
  • Read pages 189-197, 206-207 of Section 3.6. If you have the old version of the textbook then read pages 275-280, 288, and 291 of Section 4.8
malware_floating-point.txt · Last modified: 2007/10/19 18:50 by roumani

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki