Double-fetch bugs are a plague across all major operating system kernels. They occur when data is fetched twice across the user/kernel trust boundary while allowing concurrent modification. Such bugs enable an attacker to illegally access memory, cause denial of service, or escalate privileges. So far, the only protection against double-fetch bugs is to detect and fix them. However, they remain incredibly hard to find. Similarly, they fundamentally prohibit efficient, kernel-based stateful system call filtering. We propose Midas to mitigate double-fetch bugs. Midas creates on-demand snapshots and copies of accessed data, enforcing our key invariant that throughout a syscall's lifetime, every read to a userspace object will return the sam...
Run-time attacks have plagued computer systems for more than three decades, with control-flow hijack...
As machines increase in scale, it is predicted that failure rates of supercomputers will correspondi...
Operating systems adopt kernel protection methods (e.g., mandatory access control, kernel address sp...
Double-fetch bugs are a special type of race condition, where an unprivileged ...
During system call execution, it is common for operating system kernels to read userspace memory mu...
The vast majority of hosts on the Internet, including mobile clients, are running one of three commo...
The last twenty years have witnessed the constant reaction of the security community to memory corr...
The kernel code injection is a common behavior of kernel-compromising attacks where the attackers ai...
The most common cyber-attack vector is the exploitation of software vulnerabilities. Despite many efforts towar...
Targeting the operating system kernel, the core of trust in a system, kernel rootkits are a...
The operating system kernel security is critical for the overall system reliability, since the kerne...
This electronic version was submitted by the student author. The certified thesis is available in th...
The monolithic nature of modern OS kernels leads to a constant stream of bugs being discovered autom...
This thesis makes two contributions: (1) a measurement study of the performance evolution of mitigat...
In this paper, we propose a robust kernel-based solution, called AURORA, to a ubiquitous security pr...