Abstract
Privilege separation is a widely used technique to secure complex software systems. With privilege separation, software components are divided into several partitions and these partitions can only communicate through limited interfaces. However, the interfaces still provide a channel for one partition to influence code in other partitions. As a result, certain memory access patterns can be leveraged by attackers to perform arbitrary memory access. We refer to this type of memory access errors by the acronym DUI (Dereference Under the Influence). In this paper, we present a systematic method to detect vulnerabilities leading to DUI through binary analysis, and to estimate the capability attackers can obtain through DUI exploits. The evaluation shows that our approach can accurately identify vulnerable code that leads to arbitrary memory access in real-world software components and programs, when they are transformed to privilege-separated designs.
Cite
CITATION STYLE
Hu, H., Chua, Z. L., Liang, Z., & Saxena, P. (2015). Identifying arbitrary memory access vulnerabilities in privilege-separated software. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9327, pp. 312–331). Springer Verlag. https://doi.org/10.1007/978-3-319-24177-7_16
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
