Identifying arbitrary memory access vulnerabilities in privilege-separated software

Hong Hu, Zheng Leong Chua, Zhenkai Liang, Prateek Saxena

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

    2 Scopus citations

    Abstract

    Privilege separation is a widely used technique to secure complex software systems. With privilege separation, software components are divided into several partitions and these partitions can only communicate through limited interfaces. However, the interfaces still provide a channel for one partition to influence code in other partitions. As a result, certain memory access patterns can be leveraged by attackers to perform arbitrary memory access. We refer to this type of memory access error by the acronym DUI (Dereference Under the Influence). In this paper, we present a systematic method to detect vulnerabilities leading to DUI through binary analysis, and to estimate the capability attackers can obtain through DUI exploits. The evaluation shows that our approach can accurately identify vulnerable code that leads to arbitrary memory access in real-world software components and programs, when they are transformed to privilege-separated designs.

    Original language: English (US)
    Title of host publication: Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings
    Editors: Günther Pernul, Peter Y.A. Ryan, Edgar Weippl
    Publisher: Springer Verlag
    Pages: 312-331
    Number of pages: 20
    ISBN (Print): 9783319241760
    State: Published - 2015
    Event: 20th European Symposium on Research in Computer Security, ESORICS 2015 - Vienna, Austria
    Duration: Sep 21 2015 - Sep 25 2015

    Publication series

    Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
    Volume: 9327
    ISSN (Print): 0302-9743
    ISSN (Electronic): 1611-3349

    Other

    Other: 20th European Symposium on Research in Computer Security, ESORICS 2015
    Country: Austria
    City: Vienna
    Period: 9/21/15 - 9/25/15

    All Science Journal Classification (ASJC) codes

    • Theoretical Computer Science
    • Computer Science(all)
