skip to main content
10.1145/2414456.2414510acmconferencesArticle/Chapter ViewAbstractPublication Pagesasia-ccsConference Proceedingsconference-collections
research-article

Letting applications operate through attacks launched from compromised drivers

Published: 02 May 2012 Publication History

Abstract

With the rapid prevalence of E-Commerce, MMO and social networking, the demand on service availability and continuity is increasingly crucial to production servers or data centers. Hence, software failure recovery systems are thoroughly studied. However, stimulated by significant commercial revenue, attackers begin trying to evade the existing auditing/recovering techniques by manipulating the service applications through the compromised kernel. Nowadays, device drivers account for more than half (could be as high as 70%) of the source code of most commodity operating system kernels, with much more exploitable vulnerabilities than other kernel code [2]. This renders the attackers the opportunity to exploit the driver vulnerability and leverage the kernel privilege of the compromised drivers. With the unrestricted access to the whole (kernel/user) memory address space, successful attackers can launch denial of service attack by incurring driver fault, manipulating critical code/data or even the metadata of the service application process.

References

[1]
Xiaoning Ding, Hai Huang, Yaoping Ruan, Anees Shaikh, Brian Peterson, and Xiaodong Zhang. Splitter: a proxy-based approach for post-migration testing of web applications. In Eurosys, 2010.
[2]
Nicolas Palix, Gael Thomas, Suman Saha, Christophe Calvĺĺs, Julia Lawall, and Gilles Muller. Faults in linux: ten years later. In ASPLOS, 2011.
[3]
Yuen-Lin Tan, Terrence Wong, John D. Strunk, and Gregory R. Ganger. Comparison-based file server verification. In USENIX Annual Technical Conference, 2005.

Index Terms

  1. Letting applications operate through attacks launched from compromised drivers

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      ASIACCS '12: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
      May 2012
      119 pages
      ISBN:9781450316484
      DOI:10.1145/2414456
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 02 May 2012

      Permissions

      Request permissions for this article.

      Check for updates

      Qualifiers

      • Research-article

      Funding Sources

      Conference

      ASIA CCS '12
      Sponsor:

      Acceptance Rates

      Overall Acceptance Rate 418 of 2,322 submissions, 18%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • 0
        Total Citations
      • 112
        Total Downloads
      • Downloads (Last 12 months)4
      • Downloads (Last 6 weeks)1
      Reflects downloads up to 20 Jan 2025

      Other Metrics

      Citations

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Media

      Figures

      Other

      Tables

      Share

      Share

      Share this Publication link

      Share on social media