TY - GEN
T1 - Letting applications operate through attacks launched from compromised drivers
AU - Zhang, Shengzhi
AU - Liu, Peng
PY - 2012
Y1 - 2012
N2 - With the rapid prevalence of E-Commerce, MMO and social networking, the demand on service availability and continuity is increasingly crucial to production servers or data centers. Hence, software failure recovery systems are thoroughly studied. However, stimulated by significant commercial revenue, attackers begin trying to evade the existing auditing/recovering techniques by manipulating the service applications through the compromised kernel. Nowadays, device drivers account for more than half (could be as high as 70%) of the source code of most commodity operating system kernels, with much more exploitable vulnerabilities than other kernel code [2]. This renders the attackers the opportunity to exploit the driver vulnerability and leverage the kernel privilege of the compromised drivers. With the unrestricted access to the whole (kernel/user) memory address space, successful attackers can launch denial of service attack by incurring driver fault, manipulating critical code/data or even the metadata of the service application process.
AB - With the rapid prevalence of E-Commerce, MMO and social networking, the demand on service availability and continuity is increasingly crucial to production servers or data centers. Hence, software failure recovery systems are thoroughly studied. However, stimulated by significant commercial revenue, attackers begin trying to evade the existing auditing/recovering techniques by manipulating the service applications through the compromised kernel. Nowadays, device drivers account for more than half (could be as high as 70%) of the source code of most commodity operating system kernels, with much more exploitable vulnerabilities than other kernel code [2]. This renders the attackers the opportunity to exploit the driver vulnerability and leverage the kernel privilege of the compromised drivers. With the unrestricted access to the whole (kernel/user) memory address space, successful attackers can launch denial of service attack by incurring driver fault, manipulating critical code/data or even the metadata of the service application process.
UR - http://www.scopus.com/inward/record.url?scp=84871979545&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84871979545&partnerID=8YFLogxK
U2 - 10.1145/2414456.2414510
DO - 10.1145/2414456.2414510
M3 - Conference contribution
AN - SCOPUS:84871979545
SN - 9781450313032
T3 - ASIACCS 2012 - 7th ACM Symposium on Information, Computer and Communications Security
SP - 91
EP - 92
BT - ASIACCS 2012 - 7th ACM Symposium on Information, Computer and Communications Security
T2 - 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2012
Y2 - 2 May 2012 through 4 May 2012
ER -