Trusted execution path for protecting java applications against deserialization of untrusted data / S. Cristalli, E. Vignati, D. Bruschi, A. Lanzi (LECTURE NOTES IN COMPUTER SCIENCE). - In: Research in Attacks, Intrusions, and Defenses / edited by M. Bailey, T. Holz, M. Stamatogiannakis, S. Ioannidis. - [s.l] : Springer Verlag, 2018. - ISBN 9783030004699. - pp. 445-464. Paper presented at the 21st International Symposium on Research in Attacks, Intrusions and Defenses, held in Heraklion in 2018 [10.1007/978-3-030-00470-5_21].

Trusted execution path for protecting java applications against deserialization of untrusted data

S. Cristalli; D. Bruschi; A. Lanzi
2018

Abstract

Deserialization of untrusted data is an issue in many programming languages. In particular, deserialization of untrusted data in Java can lead to Remote Code Execution attacks. Conditions for this type of attack exist, but vulnerabilities are hard to detect. In this paper, we propose a novel sandboxing approach for protecting Java applications based on a trusted execution path used for defining the deserialization behavior. We test our defensive mechanism on two major Java frameworks, JBoss and Jenkins, and we show the effectiveness and efficiency of our system. We also discuss the limitations of our current system against newer attack strategies.
Sandbox; Anomaly detection; Java security; Software protection
Sector INF/01 - Computer Science
2018
Book Part (author)
Files in this item:

File: Cristalli2018_Chapter_TrustedExecutionPathForProtect.pdf
Access: restricted access
Type: Publisher's version/PDF
Size: 303.06 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this item: https://hdl.handle.net/2434/625563
Citations
  • PMC: ND
  • Scopus: 10
  • ISI: 6