ABSTRACT
Computing platforms are an integral part of today's society: our transportation, media, financial markets, and even our elections already depend on these systems. Consequently, computing platforms are also highly diverse, ranging from embedded devices in planes and cars, to smartphones, laptops, desktop computers, and powerful servers running the cloud. The Operating System (OS) manages this hardware and provides abstractions for applications running as user-space programs.
The OS usually runs with elevated privileges to protect the platform and other applications from malicious users by enforcing a strict isolation between individual processes. However, all major Operating Systems are written in low-level languages, which provide no guarantees in the presence of bugs. Additionally, hardware implementation flaws enable sophisticated adversaries to exploit the system at run time without requiring memory-corruption vulnerabilities in the system's software.
In this thesis, we evaluate the real-world threat of run-time attacks against Operating Systems despite existing defenses such as Control-Flow Integrity (CFI) being deployed and active. In particular, we show that data-only attacks completely bypass all existing defenses in the kernel. Additionally, Rowhammer-based attacks allow sophisticated adversaries to compromise the OS without requiring any vulnerability in software. We develop novel design strategies for defending the OS against strong user-space attackers and demonstrate feasibility through our prototypes for real-world kernels.
- It's Hammer Time: How to Attack (Rowhammer-based) DRAM-PUFs. Shaza Zeitouni, David Gens, and Ahmad-Reza Sadeghi. In 55th Design Automation Conference (DAC'18), June 2018.
- CAn't Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory. Ferdinand Brasser, Lucas Davi, David Gens, Christopher Liebchen, Lucas Davi, Ahmad-Reza Sadeghi. In 26th USENIX Security Symposium, August 2017.
- LAZARUS: Practical Side-channel Resilient Kernel-Space Randomization. David Gens, Orlando Arias, Dean Sullivan, Christopher Liebchen, Yier Jin, Ahmad-Reza Sadeghi. In 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), September 2017.
- K-Miner: Uncovering Memory Corruption in Linux. David Gens, Simon Schmitt, Lucas Davi, Ahmad-Reza Sadeghi. In 25th Annual Network Distributed System Security Symposium (NDSS), February 2018.
- PT-Rand: Practical Mitigation of Data-only Attacks against Page Tables. Lucas Davi, David Gens, Lucas Davi, Ahmad-Reza Sadeghi. In 24th Annual Network Distributed System Security Symposium (NDSS), February 2017.
- JIT Guard: Hardening Just-in-time Compilers with SGX. Tommaso Frassetto, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi. In 24th ACM Conference on Computer and Communications Security (CCS), November 2017.
- OS-level Software & Hardware Attacks and Defenses