Letting applications operate through attacks launched from compromised drivers

Shengzhi Zhang, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

With the rapid prevalence of E-Commerce, MMO and social networking, the demand on service availability and continuity is increasingly crucial to production servers or data centers. Hence, software failure recovery systems are thoroughly studied. However, stimulated by significant commercial revenue, attackers begin trying to evade the existing auditing/recovering techniques by manipulating the service applications through the compromised kernel. Nowadays, device drivers account for more than half (could be as high as 70%) of the source code of most commodity operating system kernels, with much more exploitable vulnerabilities than other kernel code [2]. This renders the attackers the opportunity to exploit the driver vulnerability and leverage the kernel privilege of the compromised drivers. With the unrestricted access to the whole (kernel/user) memory address space, successful attackers can launch denial of service attack by incurring driver fault, manipulating critical code/data or even the metadata of the service application process.

Original languageEnglish (US)
Title of host publicationASIACCS 2012 - 7th ACM Symposium on Information, Computer and Communications Security
Pages91-92
Number of pages2
DOIs
StatePublished - 2012
Event7th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2012 - Seoul, Korea, Republic of
Duration: May 2 2012May 4 2012

Publication series

NameASIACCS 2012 - 7th ACM Symposium on Information, Computer and Communications Security

Other

Other7th ACM Symposium on Information, Computer and Communications Security, ASIACCS 2012
Country/TerritoryKorea, Republic of
CitySeoul
Period5/2/125/4/12

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Letting applications operate through attacks launched from compromised drivers'. Together they form a unique fingerprint.

Cite this