A New Vulnerability Taxonomy Based on Privilege Escalation
نویسندگان
چکیده
Computer security vulnerabilities badly compromise the system security. To profoundly understand the causes of known vulnerabilities and prevent them, this paper develops a new taxonomic character, and then integrates a privilege-escalating based vulnerability taxonomy with multidimensional quantitative attribute. This taxonomy greatly contributes to further researches of security risk assessment of computer system.
منابع مشابه
Surreptitious sharing on Android
Many email and messaging applications on Android utilize the Intent API for sharing images, videos, and documents. Android standardizes Intents for sending and Intent Filters for receiving content. Instead of sending entire files, such as videos, via this API, only URIs are exchanged pointing to the actual storage position. In this paper we evaluate applications regarding a security vulnerabili...
متن کاملDetection of Privilege Escalation for Linux Cluster Security
Cluster computing systems can be among the most valuable resources owned by an organization. As a result, they are high profile targets for attackers, and it is essential that they be well-protected. Although there are a variety of security solutions for enterprise networks and individual machines, there has been little research focused specifically on securing cluster systems despite their gre...
متن کاملPreventing Privilege Escalation
Many operating system services require special privilege to execute their tasks. A programming error in a privileged service opens the door to system compromise in the form of unauthorized acquisition of privileges. In the worst case, a remote attacker may obtain superuser privileges. In this paper, we discuss the methodology and design of privilege separation, a generic approach that lets part...
متن کاملHey, You, Get Off of My Image: Detecting Data Residue in Android Images
Android’s data cleanup mechanism has been called into question with the recently discovered data residue vulnerability. However, the existing study only focuses on one particular Android version and demands heavy human involvement. In this project, we aim to fill the gap by providing a comprehensive understanding of the data residue situation across the entire Android ecosystem. To this end, we...
متن کاملA taxonomy of privilege escalation attacks in Android applications
Google’s Android is one of the most popular mobile operating system platforms today, being deployed on a wide range of mobile devices from various manufacturers. It is termed as a privilegeseparated operating system which implements some novel security mechanisms. Recent research and security attacks on the platform, however, have shown that the security model of Android is flawed and is vulner...
متن کامل