Containing a Confused Deputy on x86: A Survey of Privilege Escalation Mitigation Techniques
نویسندگان
چکیده
The weak separation between userand kernelspace in modern operating systems facilitates several forms of privilege escalation. This paper provides a survey of protection techniques, both cutting-edge and time-tested, used to prevent common privilege escalation attacks. The techniques are compared against each other in terms of their effectiveness, their performance impact, the complexity of their implementation, and their impact on diversification techniques such as ASLR. Overall the literature provides a litany of disjoint techniques, each of which trades some performance cost for effectiveness against a particular isolated threat. No single technique was found to effectively mitigate all known and potential attack vectors with reasonable performance cost overhead. Keywords—Protection & Security; Virtualization; Kernel ROP; ret2usr; Kernel Code Implant; rootkits; Operating Systems; Privilege Escalation
منابع مشابه
Towards Taming Privilege-Escalation Attacks on Android
Android’s security framework has been an appealing subject of research in the last few years. Android has been shown to be vulnerable to application-level privilege escalation attacks, such as confused deputy attacks, and more recently, attacks by colluding applications. While most of the proposed approaches aim at solving confused deputy attacks, there is still no solution that simultaneously ...
متن کاملDroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android DroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android
Smart mobile devices process and store a vast amount of securityand privacy sensitive data. To protect this data from malicious applications mobile operating systems, such as Android, adopt finegrained access control architectures. However, related work has shown that these access control architectures are susceptible to applicationlayer privilege escalation attacks. Both automated static and d...
متن کاملDroidAuditor: Forensic Analysis of Application-Layer Privilege Escalation Attacks on Android (Short Paper)
Smart mobile devices process and store a vast amount of securityand privacy sensitive data. To protect this data from malicious applications mobile operating systems, such as Android, adopt finegrained access control architectures. However, related work has shown that these access control architectures are susceptible to applicationlayer privilege escalation attacks. Both automated static and d...
متن کاملCAn't Touch This: Practical and Generic Software-only Defenses Against Rowhammer Attacks
Rowhammer is a hardware bug that can be exploited to implement privilege escalation and remote code execution attacks. Previous proposals on rowhammer mitigation either require hardware changes or follow heuristic-based approaches (based on CPU performance counters). To date, there exists no instant protection against rowhammer attacks on legacy systems. In this paper, we present the design and...
متن کاملCAn't Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory
Rowhammer is a hardware bug that can be exploited to implement privilege escalation and remote code execution attacks. Previous proposals on rowhammer mitigations either require hardware changes or follow heuristicbased approaches (based on CPU performance counters). To date, there exists no instant protection against rowhammer attacks on legacy systems. In this paper, we present the design and...
متن کامل