• Aiuto
  • Sfoglia

    • The kernel is the core of any operating system, and its security is of vital importance. A vulnerability, in any of its parts, compromises the whole system security model. Unprivileged users that find such vulnerabilities can easily crash the attacked system, or obtain administration privi- leges. In this paper we propose LynxFuzzer, a framework to test kernel extensions, i.e., the dynamically loadable com- ponents of Mac OS X kernel. To overcome the challenges posed by interacting with kernel-level software, LynxFuzzer includes a bare-metal hardware-assisted hypervisor, that al- lows to seamlessly inspect the state of a running kernel and its components. We implemented and evaluated LynxFuzzer on Mac OS X Mountain Lion and we obtained unexpected results: we indivuated 6 bugs in 17 kernel extensions we tested, thus proving the usefulness and eectiveness of our framework.

    SFX


    Titolo: Improving Mac OS X security through gray box fuzzing technique
    Autori: 
    FATTORI, ARISTIDE
    REINA, ALESSANDRO
    LANZI, ANDREA (Penultimo)
    BRUSCHI, DANILO MAURO (Ultimo)
    mostra contributor esterni 
    Settore Scientifico Disciplinare: Settore INF/01 - Informatica
    Data di pubblicazione: 2014
    Enti collegati al convegno: ACM Special Interest Group on Operating Systems (SIGOPS)
    Digital Object Identifier (DOI): 10.1145/2592791.2592793
    Tipologia: Book Part (author)
    Appare nelle tipologie:03 - Contributo in volume

    File in questo prodotto:
    File Descrizione Tipologia Licenza  
    fuzzer.pdf Publisher's version/PDFAdministrator   Richiedi una copia
    Utilizza questo identificativo per citare o creare un link a questo documento:
    http://hdl.handle.net/2434/236614
    • Citazioni
    • ND

    I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
     
     
     
    Powered by IRIS-about IRIS-Utilizzo dei cookie
    Logo CINECA  Copyright © 2019