The Community for Technology Leaders
RSS Icon
Subscribe
Tucson, Arizona
Dec. 5, 2005 to Dec. 9, 2005
ISBN: 0-7695-2461-3
pp: 286-302
Gaurav S. Kc , Google Inc., Mountain View, CA
Angelos D. Keromytis , Columbia University, New York, NY
ABSTRACT
<p>We present e-NeXSh, a novel security approach that utilises kernel and LIBC support for efficiently defending systems against process-subversion attacks. Such attacks exploit vulnerabilities in software to override its program control-flow and consequently invoke system calls, causing out-of-process damage. Our technique defeats such attacks by monitoring all LIBC function and system-call invocations, and validating them against process-specific information that strictly prescribes the permissible behaviour for the program (unlike general sandboxing techniques that require manually maintained, explicit policies, we use the program code itself as a guideline for an implicit policy). Any deviation from this behaviour is considered malicious, and we halt the attack, limiting its damage to within the subverted process.</p> <p>We implemented e-NeXSh as a set of modifications to the linux-2.4.18-3 kernel and a new user-space shared library (e-NeXSh.so). The technique is transparent, requiring no modifications to existing libraries or applications. e-NeXSh was able to successfully defeat both codeinjection and libc-based attacks in our effectiveness tests. The technique is simple and lightweight, demonstrating no measurable overhead for select UNIX utilities, and a negligible 1.55% performance impact on the Apache web server.</p>
INDEX TERMS
null
CITATION
Gaurav S. Kc, Angelos D. Keromytis, "e-NeXSh: Achieving an Effectively Non-Executable Stack and Heap via System-Call Policing", ACSAC, 2005, Computer Security Applications Conference, Annual, Computer Security Applications Conference, Annual 2005, pp. 286-302, doi:10.1109/CSAC.2005.22
20 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool