Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
A scalable approach to attack graph generation
Proceedings of the 13th ACM conference on Computer and communications security
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Preventing privilege escalation
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Transforming commodity security policies to enforce Clark-Wilson integrity
Proceedings of the 28th Annual Computer Security Applications Conference
Process firewalls: protecting processes during resource access
Proceedings of the 8th ACM European Conference on Computer Systems
| Hi-index | 0.00 |
Protecting host system integrity in the face of determined adversaries remains a major problem. Despite advances in program development and access control, attackers continue to compromise systems forcing security practitioners to regularly react to such breaches. While security practitioners may eventually learn which entry points in programs must be defended over a software's lifetime, new software and configuration options are frequently introduced, opening additional vulnerabilities to adversaries. The application developers' problem is to identify the program entry points accessible to adversaries and provide necessary defenses at these entry points before the adversaries use these to compromise the program. Unfortunately, this is a race that developers often lose. While some program vulnerable entry points are well-known (mostly network), the complexity of host systems makes it difficult to prevent local exploits should attackers gain control of any unprivileged processing. The question we explore in this paper is whether the program entry points accessible to adversaries can be found proactively, so defenses at these entry points can also be developed proactively.