Open Access Open Access  Restricted Access Subscription Access
Open Access Open Access Open Access  Restricted Access Restricted Access Subscription Access

Security Vulnerabilities of Registers in LINUX Hosts:Buffer Overflow and Service Disruption Concerns


Affiliations
1 Department of Information Systems, St. Cloud State University, St. Cloud, Minnesota, United States
2 Department of Information Assurance, St. Cloud State University, St. Cloud, Minnesota, United States
     

   Subscribe/Renew Journal


Security has become extremely important in the information technology field. Often times the most important resource a company has is the data that it has diligently gathered, the loss or deletion of which could cause the failure of the organization. With the advent of Cloud Computing and the use of shared or Colo (colocation) hardware this has become of even greater concern to organizations. This paper looks at ways in which the LINUX operating system and various software tools can be utilized to shed light on potential vulnerabilities, especially how memory is stored at the base layers of the operating system. The main focus is on the registers, and how certain LINUX based tools such as a debugger can be used to determine where memory resides and how it could potentially be attacked, changed, or deleted. Also, the paper discusses how these various techniques and utilities could be used to provide IT professionals with a better understanding of how these attacks could occur as well as the level of sophistication needed to deal with and prevent them.


Keywords

Cloud Computing, LINUX, Registers, Security, Virtualization.
Subscription Login to verify subscription
User
Notifications
Font Size


  • Abdul, R., Guster, D., & Schmidt, M. (2017). Application level memory management strategies via the “garbage collector: Performance and security ramifications. This paper is to be presented at the 2017 Midwest Instructional Computing Symposium.
  • Aldrich, J. (2013). Why Objects are Inevitable, Onward! Proceedings of the 2013 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming & Software, (pp.101-116).
  • Aleph One. (2016). Smashing the Stack for Fun and Profit. Retrieved from http://insecure.org/stf/ smashstack.html.
  • Avijit, K., Gupta, P., & Gupta, D. (2004). TIED, libsafeplus: Tools for runtime buffer overflow protection. Proceedings of the 13th Conference on USENIX Security Symposium, (pp.4-4), August 09-13, 2004, San Diego, CA.
  • Buchanan, E., Roemer, R., Shacham, H., & Savage, S. (2008). When good instructions go bad: Generalizing return-oriented programming to RISC. Proceedings of the 15th ACM Conference on Computer and Communications Security (pp. 27-38). doi:10.1145/1455770.1455776. ISBN 978-1-59593-810-7.
  • Callum, C.,Singer, J., & Vengerov, D. (2015). The judgement of Forseti: Economic utility for dynamic heap sizing of multiple runtimes. ISMM: Proceedings of the 2015 International Symposium on Memory Management, (pp. 143-156).
  • Chen, H., Mao, Y., Wang, X., Zhou, D., Zeldovich, N., & Kaashoek, M. F. (2011). Linux kernel vulnerabilities: State-of-the-art defenses and open problems. Proceedings of the 2nd Asia-Pacific Workshop on Systems, July, 11-12, Shanghai, China.
  • Criswell, J., Geoffray, N., & Vikram, A. (2009). Memory Safety for low-level Software/Hardware Interactions. Proceedings of the 18th Conference on USENIX Security Symposium, (pp.83-100), Montreal, Canada.
  • CVE. (2016). Retrieved from https://www.cvedetails. com/vulnerability-list/vendor_id-33/product_ id- 47/cvssscoremin-7/cvssscoremax-7.99/LinuxLinux-Kernel.html.
  • Eazynotes. (2016). Retrieved from http://www.eazynotes.com/pages/computer-system-architecture/computerregisters.html.
  • Ferreira, K. B., Pedretti, K., Bridges, P. G., Brightwell, R., Fiala, D., & Mueller, F. (2012). Evaluating operating system vulnerability to memory errors. ROSS 2012: Proceedings of the 2nd International Workshop on Runtime and Operating Systems for Supercomputers [Workshop Papers].
  • Francillon, A., Perito, D., & Castelluccia, C. (2009). Defending embedded systems against control flow attacks. In Proceedings of SecuCode 2009, S. Lachmund and C. Schaefer, Eds. ACM Press, pp. 19-26.
  • Genkin, D., Pachmanov, L., Pipman, I., Shamir, A., & Tromer, E. (2016). Physical Key Extraction Attacks on PCs. Communications of the ACM, 59(6), 70-79.
  • Guimaraes, J. (1995). The object oriented model and its advantages. ACM SIGPLAN OOPS Messenger, 6(1), 40-49.
  • Lee, J., Ham, H., Kim, I. & Song, J. (2015). Poster: Page table manipulation attack. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, (pp. 1644-1646).
  • Levy, S., Ferreira, K. B., Bridges, P. G., Thompson, A. P., & Trott, C. (2015). A study of the viability of exploiting memory content similarity to improve resilience to memory errors. International Journal of High Performance Computing Applications, 29(1), 5-20.
  • Li, J., Wang, Z., Jiang, X., Grace, M., & Bahram, S. (2010). Defeating return- Oriented ischolar_mainkits with “return-less” kernels. In Proceedings of EuroSys, G. Muller, Ed. ACM Press, (pp. 195-208).
  • Pappas, V. (2012). kBouncer: Efficient and Transparent ROP Mitigation. Retrieved from http://www.cs.columbia.edu/~vpappas/papers/kbouncer.pdf.
  • Petsios, T., Kemerlis, V. P., Polychronakis, M., & Keromytis, A. D. (2015). Dyna guard: Armoring canary-based protections against brute-force attacks. Proceedings of the 31st Annual Computer Security Applications Conference, December 07-11, 2015, Los Angeles, CA, USA. [doi>10.1145/2818000.28 18031].
  • Project Zero. (2015). Retrieved from https://googleprojectzero. blogspot.com/2015/06/what-is-good-memorycorruption.html.
  • Riley, R., Jiang, X., & Xu, D. (2008). Guest-transparent prevention of kernel ischolar_mainkits with VMM-based memory shadowing. Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection, September, (pp.15-17), Cambridge, MA, USA. [doi>10.1007/978-3-540-87403-4_1].
  • Stack Exchange. (2017). Buffer overflow and register contents. Retrieved from http://security.stackexchange.com/questions/89139/buffer-overflow-and-register-contents.
  • Stack Overflow. (2016). Retrieved from http://stackoverflow.com/questions/21761185/is-there-a-differencebetweensudo-mode-and-kernel-mode.
  • Xiao, J., Huang, H., & Wang, H. (2010). Kernel Data Attack is a Realistic Security Threat. Security and Privacy in Communication Networks Volume 164 of the series Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, (pp. 135-154).
  • Xu, W. (2015). From Collision to Exploitation: Unleashing use-after-free vulnerabilities in Linux Kernel.
  • Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, (pp.
  • -425).
  • Zhou, Z., Reiter, M. K., & Zhang, Y. (2016). A Software Approach to Defeating Side Channels in Last-level Caches.arXiv preprint arXiv:1603.05615.

Abstract Views: 321

PDF Views: 2




  • Security Vulnerabilities of Registers in LINUX Hosts:Buffer Overflow and Service Disruption Concerns

Abstract Views: 321  |  PDF Views: 2

Authors

Dennis Guster
Department of Information Systems, St. Cloud State University, St. Cloud, Minnesota, United States
Erich Rice
Department of Information Systems, St. Cloud State University, St. Cloud, Minnesota, United States
Hazem Farra
Department of Information Assurance, St. Cloud State University, St. Cloud, Minnesota, United States

Abstract


Security has become extremely important in the information technology field. Often times the most important resource a company has is the data that it has diligently gathered, the loss or deletion of which could cause the failure of the organization. With the advent of Cloud Computing and the use of shared or Colo (colocation) hardware this has become of even greater concern to organizations. This paper looks at ways in which the LINUX operating system and various software tools can be utilized to shed light on potential vulnerabilities, especially how memory is stored at the base layers of the operating system. The main focus is on the registers, and how certain LINUX based tools such as a debugger can be used to determine where memory resides and how it could potentially be attacked, changed, or deleted. Also, the paper discusses how these various techniques and utilities could be used to provide IT professionals with a better understanding of how these attacks could occur as well as the level of sophistication needed to deal with and prevent them.


Keywords


Cloud Computing, LINUX, Registers, Security, Virtualization.

References