The kernel is the core of any operating system, and its security is of vital importance. A vulnerability, in any of its parts, compromises the whole system security model. Unprivileged users that find such vulnerabilities can easily crash the attacked system, or obtain administration privi- leges. In this paper we propose LynxFuzzer, a framework to test kernel extensions, i.e., the dynamically loadable com- ponents of Mac OS X kernel. To overcome the challenges posed by interacting with kernel-level software, LynxFuzzer includes a bare-metal hardware-assisted hypervisor, that al- lows to seamlessly inspect the state of a running kernel and its components. We implemented and evaluated LynxFuzzer on Mac OS X Mountain Lion and we obtained unexpected results: we indivuated 6 bugs in 17 kernel extensions we tested, thus proving the usefulness and eectiveness of our framework.
Titolo: | Improving Mac OS X security through gray box fuzzing technique |
Autori: | LANZI, ANDREA (Penultimo) BRUSCHI, DANILO MAURO (Ultimo) |
Settore Scientifico Disciplinare: | Settore INF/01 - Informatica |
Data di pubblicazione: | 2014 |
Enti collegati al convegno: | ACM Special Interest Group on Operating Systems (SIGOPS) |
Digital Object Identifier (DOI): | 10.1145/2592791.2592793 |
Tipologia: | Book Part (author) |
Appare nelle tipologie: | 03 - Contributo in volume |
File in questo prodotto:
File | Descrizione | Tipologia | Licenza | |
---|---|---|---|---|
fuzzer.pdf | Publisher's version/PDF | Administrator Richiedi una copia |