Countdown: mitigation of software exploitation using usage count-based system call filterCountdown: 사용 횟수 기반 시스템 호출 필터를 통한 소프트웨어 익스플로잇 방어
System calls have always been abused for many software exploitations. Although modern operating systems have mechanisms to filter the unnecessary system calls, their approach supports only policies of allowing or rejecting, requires manual configuration, and often fails to depend against sophisticated exploits that utilize only permitted system calls. This research suggests a more fine-granular methodology to restrict critical but rarely utilized system calls based on the number of usages. The filtering rules for system calls are generated by dynamically profiling the target applications and are enforced during runtime. The prototype of this research analyzed real-world applications to determine usage limits for each system call. The results show that it can reduce attack surfaces without harming the programs' functionalities, incurring similar performance overhead as a basic filtering mechanism Linux provides. Since the usage limits are automatically found for each system call, it can be practically applied without manual inspection of software source code.
- Description
- 한국과학기술원 :정보보호대학원,
- Publisher
- 한국과학기술원
- Issue Date
- 2021
- Identifier
- 325007
- Language
- eng
- Description
학위논문(석사) - 한국과학기술원 : 정보보호대학원, 2021.8,[iv, 23 p. :]
- Keywords
system call filter▼asoftware exploit mitigation▼aprinciple of least privilege▼asandbox▼asystem security; 시스템 호출 필터▼a소프트웨어 익스플로잇 방어▼a최소 권한의 원칙▼a샌드박스▼a시스템 보안
- Appears in Collection
- IS-Theses_Master(석사논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.