Proceedings 2016 Network and Distributed System Security Symposium 2016
DOI: 10.14722/ndss.2016.23218
|View full text |Cite
|
Sign up to set email alerts
|

Enforcing Kernel Security Invariants with Data Flow Integrity

Abstract: Abstract-The operation system kernel is the foundation of the whole system and is often the de facto trusted computing base for many higher level security mechanisms. Unfortunately, kernel vulnerabilities are not rare and are continuously being introduced with new kernel features. Once the kernel is compromised, attackers can bypass any access control checks, escalate their privileges, and hide the evidence of attacks. Many protection mechanisms have been proposed and deployed to prevent kernel exploits. Howev… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
47
0

Year Published

2018
2018
2020
2020

Publication Types

Select...
4
2
1

Relationship

0
7

Authors

Journals

citations
Cited by 83 publications
(47 citation statements)
references
References 40 publications
0
47
0
Order By: Relevance
“…Such assumptions are reasonable in recent firmware using a hardware-protected root of trust [26,58] at boot time and protection of firmware runtime services [9,75,76]. For the OS kernel, one can use UEFI Secure Boot [69] at boot time, and rely on e.g., security invariants [64] or a hardware-based integrity monitor [4] at runtime. The main threat that we address is the compromise of services inside an OS.…”
Section: Threat Model and Assumptionsmentioning
confidence: 99%
“…Such assumptions are reasonable in recent firmware using a hardware-protected root of trust [26,58] at boot time and protection of firmware runtime services [9,75,76]. For the OS kernel, one can use UEFI Secure Boot [69] at boot time, and rely on e.g., security invariants [64] or a hardware-based integrity monitor [4] at runtime. The main threat that we address is the compromise of services inside an OS.…”
Section: Threat Model and Assumptionsmentioning
confidence: 99%
“…By using static analysis, DFI computes a Data Flow Graph and checks whether the definition of each data object is legal at run-time. A tailored DFI (Song et al 2016) was proposed to solve the privilege escalation attack in the kernel. A complete enforcement of DFI can defend against DSMAs, however, complete DFI suffers from performance overhead as high as 103% (Castro et al 2006).…”
Section: Related Workmentioning
confidence: 99%
“…A complete enforcement of DFI can defend against DSMAs, however, complete DFI suffers from performance overhead as high as 103% (Castro et al 2006). Tailored DFI (Song et al 2016) focusing on privilege escalation attacks in the kernel can defeat small parts of DSMAs, but the majority of DSMAs are out-of-scope of that work. Recently, researchers leverage hardware to assist the DFI and improve the runtime overhead (Song et al 2016).…”
Section: Related Workmentioning
confidence: 99%
See 2 more Smart Citations