Peiró Frasquet, S.; Muñoz Alcobendas, M.; Crespo Lorente, A. (2016). An analysis on the impact and detection of kernel stack infoleaks. Logic Journal of the IGPL. 24(6):899-915. https://doi.org/10.1093/jigpal/jzw049
Por favor, use este identificador para citar o enlazar este ítem: http://hdl.handle.net/10251/84113
Title:
|
An analysis on the impact and detection of kernel stack infoleaks
|
Author:
|
Peiró Frasquet, Salvador
Muñoz Alcobendas, Manuel
Crespo Lorente, Alfons
|
UPV Unit:
|
Universitat Politècnica de València. Instituto Universitario de Automática e Informática Industrial - Institut Universitari d'Automàtica i Informàtica Industrial
|
Issued date:
|
|
Abstract:
|
[EN] The Linux kernel has become a fundamental component of mainstream computing solutions, now being used in a wide range of applications ranging from consumer electronics to cloud and server solutions. Being expected to ...[+]
[EN] The Linux kernel has become a fundamental component of mainstream computing solutions, now being used in a wide range of applications ranging from consumer electronics to cloud and server solutions. Being expected to continue its growth, especially in the mission-critical workloads. Parallel to the Linux adoption has increased its misuse by attackers and malicious users. This has increased attention paid to kernel security through the deployment of kernel protection mechanisms. Kernel-based attacks require reliability, where kernel attack reliability is achieved through the information gathering stage, where the attacker is able to gather enough information about the target to succeed. The taxonomy of kernel vulnerabilities includes information leaks (CWE-200), that are a class of vulnerabilities that permit access to the kernel memory layout and contents. Information leaks can improve the attack reliability enabling the attacker to read sensitive kernel data to bypass kernel based protections. In this work, we aim at the analysis and detection of stack-based information leaks to harden the security of the kernel. First, we analyse the problem of kernel infoleaks in Section 3, next, we examine the impact of infoleaks attacks on the security of the kernel in Section 4. Then, we present a technique for detecting kernel based infoleaks through static analysis Section 5. Next, we evaluate our technique by applying it to the Linux kernel in Section 6. Finally, we discuss the applications and limitations of our work (Section 6.3) and finally we draw our concluding remarks.
[-]
|
Subjects:
|
Confidentiality
,
Information security
,
Information disclosure (Infoleak)
,
kernel
,
Operating system
|
Copyrigths:
|
Reserva de todos los derechos
|
Source:
|
Logic Journal of the IGPL. (issn:
1367-0751
)
|
DOI:
|
10.1093/jigpal/jzw049
|
Publisher:
|
Oxford University Press (OUP)
|
Publisher version:
|
http://dx.doi.org/10.1093/jigpal/jzw049
|
Project ID:
|
info:eu-repo/grantAgreement/EC/FP7/610640/EU/Distributed REal-Time Architecture for Mixed Criticality Systems/
info:eu-repo/grantAgreement/MINECO//TIN2014-56158-C4-1-P/ES/SISTEMAS CIBER-FISICOS DE CRITICIDAD MIXTA SOBRE PLATAFORMAS MULTINUCLEO/
info:eu-repo/grantAgreement/MINECO//TIN2014-56158-C4-4-P/ES/CODISEÑO DE SISTEMAS DE CONTROL CON CRITICIDAD MIXTA BASADO EN MISIONES/
|
Description:
|
This is a pre-copyedited, author-produced PDF of an article accepted for publication in Logic Journal of the IGPL following peer review. The version of record An analysis on the impact and detection of kernel stack infoleaks. Logic Journal of the IGPL, 24(6), 899-915. is available online at: https://academic.oup.com/jigpal/issue/24/6.
|
Thanks:
|
The author wants to thank all the people that contributed to make this work possible. This work has been partially supported by the Spanish Government Research Office under grant TIN2014-56158-C4-1-P, TIN2014-56158-C4-4-P ...[+]
The author wants to thank all the people that contributed to make this work possible. This work has been partially supported by the Spanish Government Research Office under grant TIN2014-56158-C4-1-P, TIN2014-56158-C4-4-P and EU Project DREAMS FP7-ICT- 610640.
[-]
|
Type:
|
Artículo
|