Mitigation of Kernel Memory Corruption Using Multiple Kernel Memory Mechanism

Kuzuno, Hiroki; Yamauchi, Toshihiro

doi:10.1109/access.2021.3101452

Cited by 4 publications

(2 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moving Target Defense (MTD) techniques are used to defend against CRAs [50]. Different defense techniques were introduced to mitigate the attacks on the control flow of software in [51], [52]. Control-flow attacks enable malicious actors to change the flow of code execution.…”

Section: ) Ghumvee Overviewmentioning

confidence: 99%

NG-MVEE: A New Proposed Hybrid Technique for Enhanced Mitigation of Code Re-Use Attack

et al. 2023

View full text Add to dashboard Cite

Code-Reuse Attacks (CRAs) are solid mechanisms to bypass advanced software and hardware defenses because they use the software's own code and they are very hard to be detected without significant overhead. Numerous methods have been proposed to protect against memory-based attacks that result from reusing parts of the attacked binary code. In this paper, two problems were tackled. the first problem is the lack of a categorized survey, analysis, and evaluation of the different CRAs proposed in the literature. The second problem is the inherent vulnerability that exists in protection techniques that are based on Multi-Variant Execution Environment (MVEE) since they are using shared Linux libraries with gadget-prone codes. In the paper a novel framework of CRA mitigation is introduced; fusing the two different prominent techniques of control flow integrity and multi-variant execution environment. The novel mitigation technique, named Next Generation MVEE (NG-MVEE), was built upon an existing generic CRA detection system (GHUMVEE) and complemented with a different CRA detection technique (G-Free) in order to provide comprehensive protection against code-reuse attacks. The outcome of the hybrid system is an optimized hybrid version of an MVEE technique, with minimal performance overhead increase due to the added protection layer of the G-Free technique. A median of 7% performance overhead resulted from the proposed protection system.

show abstract

Section: ) Ghumvee Overviewmentioning

confidence: 99%

NG-MVEE: A New Proposed Hybrid Technique for Enhanced Mitigation of Code Re-Use Attack

et al. 2023

View full text Add to dashboard Cite

show abstract

“…In the case of the kernel security issue (CVE-2015-1805), the situation is even more complex since this bug is caused by kernel "misbehaviour". Kernel is entitled to have full access to system memory, and it already has a lot of mechanisms [66][67][68][69] that should prevent such issues. Therefore, we do not think that there is currently any other reliable way of dealing with similar attacks other than regularly installing firmware updates.…”

Section: Possible Mitigation Techniquesmentioning

confidence: 99%

Analysis of Tizen Security Model and Ways of Bypassing It on Smart TV Platform

Majchrowicz

Duch

2021

Applied Sciences

View full text Add to dashboard Cite

The smart TV market is growing at an ever faster pace every year. Smart TVs are equipped with many advanced functions, allow users to search, chat, browse, share, update, and download different content. That is one of the reason why smart TVs became a target for the hacker community. In this article, we decided to test security of Tizen operating system, which is one of the most popular smart TV operating systems. Tizen is used on many different devices including smartphones, notebooks, wearables, infotainment systems, and smart TVs. By now, there are articles which present security mechanisms of Tizen OS, and sometimes with a way to bypass them; however, none of them are applicable to the smart TVs. In the article, we focused on developing an algorithm that will allow us to gain root access to the smart TV. The proposed attack scenario uses CVE-2014-1303 and CVE-2015-1805 bugs to bypass or disable security mechanisms in Tizen OS and finally gain root access.

show abstract

Improving monolithic kernel security and robustness through intra-kernel sandboxing

Novković¹,

Golub²

2023

Computers & Security

View full text Add to dashboard Cite

Mitigation of Kernel Memory Corruption Using Multiple Kernel Memory Mechanism

Cited by 4 publications

References 26 publications

NG-MVEE: A New Proposed Hybrid Technique for Enhanced Mitigation of Code Re-Use Attack

NG-MVEE: A New Proposed Hybrid Technique for Enhanced Mitigation of Code Re-Use Attack

Analysis of Tizen Security Model and Ways of Bypassing It on Smart TV Platform

Improving monolithic kernel security and robustness through intra-kernel sandboxing

Contact Info

Product

Resources

About