Yudan Zuo scite author profile

Yudan Zuo

2Publications

3Citation Statements Received

30Citation Statements Given

How they've been cited

How they cite others

Affiliations

National University of Defense Technology

Publications

Order By: Most citations

Security Identifier Randomization: A Method to Prevent Kernel Privilege-Escalation Attacks

Wei

Zuo

Ding

et al. 2016

View full text Add to dashboard Cite

Privilege escalation attack is one of the serious threats to Linux. So the protection of the root user is an important requirement for Linux systems and SELinux has tackled this issue in some degree. But by exploiting kernel privilege-escalation vulnerabilities, the attackers can tamper security identifiers allocated for the process's security contexts, which are the foundation of SELinux enforcing access control. So we propose security identifier randomization method, which can increase the difficulty of kernel privilege-escalation attacks. This method is application transparent and its influence on overall system performance is within 1%.

show abstract

SLR-SELinux: Enhancing the Security Footstone of SEAndroid with Security Label Randomization

Ding

Dong

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

The root privilege escalation attack is extremely destructive to the security of the Android system. SEAndroid implements mandatory access control to the system through the SELinux security policy at the kernel mode, making the general root privilege escalation attacks unenforceable. However, malicious attackers can exploit the Linux kernel vulnerability of privilege escalation to modify the SELinux security labels of the process arbitrarily to obtain the desired permissions and undermine system security. Therefore, investigating the protection method of the security labels in the SELinux kernel is urgent. And the impact on the existing security configuration of the system must also be reduced. This paper proposes an optimization scheme of the SELinux mechanism based on security label randomization to solve the aforementioned problem. At the system runtime, the system randomizes the mapping of the security labels inside and outside the kernel to protect the privileged security labels of the system from illegal obtainment and tampering by attackers. This method is transparent to users; therefore, users do not need to modify the existing system security configuration. A tamper-proof detection method of SELinux security label is also proposed to further improve the security of the method. It detects and corrects the malicious tampering behaviors of the security label in the critical process of the system timely. The above methods are implemented in the Linux system, and the effectiveness of security defense is proven through theoretical analysis and experimental verification. Numerous experiments show that the effect of this method on system performance is less than 1%, and the success probability of root privilege escalation attack is less than 10−9.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Yudan Zuo

Security Identifier Randomization: A Method to Prevent Kernel Privilege-Escalation Attacks

SLR-SELinux: Enhancing the Security Footstone of SEAndroid with Security Label Randomization

Contact Info

Product

Resources

About