Loading [a11y]/accessibility-menu.js
A vulnerability recommendation system in linux kernel variables | IEEE Conference Publication | IEEE Xplore
Scheduled Maintenance: On Monday, 27 January, the IEEE Xplore Author Profile management portal will undergo scheduled maintenance from 9:00-11:00 AM ET (1400-1600 UTC). During this time, access to the portal will be unavailable. We apologize for any inconvenience.

A vulnerability recommendation system in linux kernel variables


Abstract:

In these days, Linux system is widely used because of its freedom to use and develop. With this trend, to find vulnerabilities in Linux kernel has become more important. ...Show More

Abstract:

In these days, Linux system is widely used because of its freedom to use and develop. With this trend, to find vulnerabilities in Linux kernel has become more important. Linux kernel is so huge that we need a machine based error detecting approach. There are some former studies about error detection in software code. However, they are not suitable for detecting unknown vulnerabilities related to Linux kernel variables. We suggest a vulnerability recommendation system for Linux kernel variables. First, we propose a methodology by analyzing 368 reported vulnerabilities in Linux kernel. We focus on two elements to find vulnerabilities in Linux kernel variables. Those are the kernel variables which are concerned about privilege escalating and the system call tree information that shows which system calls may modify which kernel variables. We tested our recommendation system with two representative Linux versions. Through experiments, we confirm that our system can find potential vulnerabilities including known ones.
Date of Conference: 20-24 August 2009
Date Added to IEEE Xplore: 02 October 2009
ISBN Information:
Print ISSN: 1098-7584
Conference Location: Jeju, Korea (South)

References

References is not available for this document.