Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CORR
2011
Springer
2011
Springer
Securing The Kernel via Static Binary Rewriting and Program Shepherding
Recent Microsoft security bulletins show that kernel vulnerabilities are becoming more and more important security threats. Despite the pretty extensive security mitigations many of the kernel vulnerabilities are still exploitable. Successful kernel exploitation typically grants the attacker maximum privilege level and results in total machine compromise. To protect against kernel exploitation, we have developed a tool which statically rewrites the Microsoft Windows kernel as well as other kernel level modules. Such rewritten binary files allow us to monitor control flow transfers during operating system execution. At this point we are able to detect whether selected control transfer flow is valid or should be considered as an attack attempt. Our solution is especially directed towards preventing remote kernel exploitation attempts. Additionally, many of the local privilege escalation attacks are also blocked (also due to additional mitigation techniques we have implemented). Our t...
Real-time TrafficCORR 2011 | Education | Kernel Exploitation | Kernel Vulnerabilities | Successful Kernel Exploitation |
| Added | 19 Aug 2011 |
| Updated | 19 Aug 2011 |
| Type | Journal |
| Year | 2011 |
| Where | CORR |
| Authors | Piotr Bania |
Comments (0)
Researcher Info
|
