Result details
Hijacking the Linux Kernel
PROCHÁZKA, B.; VOJNAR, T.; DRAHANSKÝ, M. Hijacking the Linux Kernel. Sixth Doctoral Workshop on Mathematical and Engineering Methods in Computer Science (MEMICS'10) -- Selected Papers. OpenAccess Series in Informatics (OASIcs). OASIcs proceedings from MEMICS'10 papers. Dagstuhl: Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik, 2011. no. 2, p. 85-92. ISBN: 978-3-939897-22-4. ISSN: 2190-6807.
Type
conference proceedings paper
Language
English
Authors
Procházka Boris, Ing., FIT (FIT)
Vojnar Tomáš, prof. Ing., Ph.D., UITS (FIT)
Drahanský Martin, prof. Ing., Ph.D., UIFS (FIT), UITS (FIT)
Abstract
In this paper, a new method of hijacking the Linux kernel is presented. It is based on analysing the Linux system call handler, where a proper set of instructions is subsequently replaced by a jump to a different function. The ability to change the execution flow in the middle of an existing function represents a unique approach in Linux kernel hacking. The attack is applicable to all kernels from the 2.6 series on the Intel architecture. Due to this, rootkits based on this kind of technique represent a high risk for Linux administrators.
Keywords
computer security, operating system, Linux, rootkit, system call, IA-32
URL
Year
2011
Pages
85–92
Journal
OpenAccess Series in Informatics (OASIcs), vol. 16, no. 2, ISSN 2190-6807
Proceedings
Sixth Doctoral Workshop on Mathematical and Engineering Methods in Computer Science (MEMICS'10) -- Selected Papers
Series
OASIcs proceedings from MEMICS'10 papers
Conference
MEMICS'10 -- 6th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science
ISBN
978-3-939897-22-4
Publisher
Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik
Place
Dagstuhl
BibTeX
@inproceedings{BUT91166,
author="Boris {Procházka} and Tomáš {Vojnar} and Martin {Drahanský}",
title="Hijacking the Linux Kernel",
booktitle="Sixth Doctoral Workshop on Mathematical and Engineering Methods in Computer Science (MEMICS'10) -- Selected Papers",
year="2011",
series="OASIcs proceedings from MEMICS'10 papers",
journal="OpenAccess Series in Informatics (OASIcs)",
volume="16",
number="2",
pages="85--92",
publisher="Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik",
address="Dagstuhl",
isbn="978-3-939897-22-4",
issn="2190-6807",
url="http://drops.dagstuhl.de/opus/volltexte/2011/3063/pdf/7.pdf"
}
Projects
Research on information technologies from the security perspective, MŠMT, institutional funds from the Czech state budget (e.g. VZ, VC), MSM0021630528, start: 2007-01-01, end: 2013-12-31, in progress
Research groups
Departments
Department of Intelligent Systems
(UITS)