The dynamic of the Linux kernel heap layout significantly impacts the reliability of kernel heap exploits, making exploitability assessment challenging. Though techniques have been proposed to stabilize exploits in the past, little scientific research has been conducted to evaluate their effectiveness and explore their working conditions. In this paper, we present a systematic study of the kernel heap exploit reliability problem. We first interview kernel security experts, gathering commonly adopted exploitation stabilization techniques and expert opinions about these techniques. We then evaluate these stabilization techniques on 17 real-world kernel heap exploits. The results indicate that many kernel security experts have incorrect opinions on exploitation stabilization techniques. To help the security community better understand exploitation stabilization, we inspect our experiment results and design a generic kernel heap exploit model. We use the proposed exploit model to interpret the exploitation unreliability issue and analyze why stabilization techniques succeed or fail. We also leverage the model to propose a new exploitation technique. Our experiment indicates that the new stabilization technique improves Linux kernel exploit reliability by 14.87% on average. Combining this newly proposed technique with existing stabilization approaches produces a composite stabilization method that achieves a 135.53% exploitation reliability improvement on average, outperforming exploit stabilization by professional security researchers by 67.86%.

Protecting the Linux kernel from malicious activities is of paramount importance. Several approaches have been proposed to analyze kernel-level vulnerabilities. Existing studies, however, have a strong focus on the attack type (e.g., buffer overflow). In this paper, we report on our analysis of 1,858 Linux kernel vulnerabilities covering a period of Jan 2010-Jan 2020. We classify these vulnerabilities from the attacker’s view using various criteria such as the attacker’s objective, the targeted subsystems of the kernel, the location from which vulnerabilities can be exploited (i.e., locally or remotely), the impact of the attack on confidentiality, system integrity and availability, and the complexity level associated with exploiting vulnerabilities. Our findings indicate the presence of a large number of low-complexity vulnerabilities. Most of them can be exploited from the local system, leading to attacks that can severely compromise the kernel quality of service, and allow attackers to gain privileged access.