Abstract:
In these days, Linux system is widely used because of its freedom to use and develop. With this trend, to find vulnerabilities in Linux kernel has become more important. ...Show MoreMetadata
Abstract:
In these days, Linux system is widely used because of its freedom to use and develop. With this trend, to find vulnerabilities in Linux kernel has become more important. Linux kernel is so huge that we need a machine based error detecting approach. There are some former studies about error detection in software code. However, they are not suitable for detecting unknown vulnerabilities related to Linux kernel variables. We suggest a vulnerability recommendation system for Linux kernel variables. First, we propose a methodology by analyzing 368 reported vulnerabilities in Linux kernel. We focus on two elements to find vulnerabilities in Linux kernel variables. Those are the kernel variables which are concerned about privilege escalating and the system call tree information that shows which system calls may modify which kernel variables. We tested our recommendation system with two representative Linux versions. Through experiments, we confirm that our system can find potential vulnerabilities including known ones.
Published in: 2009 IEEE International Conference on Fuzzy Systems
Date of Conference: 20-24 August 2009
Date Added to IEEE Xplore: 02 October 2009
ISBN Information:
Print ISSN: 1098-7584