Hardening the Core: Understanding and Detection of XNU Kernel Vulnerabilities

Title: Hardening the Core: Understanding and Detection of XNU Kernel Vulnerabilities
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Liu, Xianyu; Zheng, Min; Pan, Aimin; Lu, Quan
Conference Name: 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)
Keywords: common application vulnerabilities, compositionality, empirical study, Engines, feedback based fuzzing, feedback-based fuzzing techniques, fuzzing, human factors, Instruments, iOS Security, Kernel, KInspector framework, macOS/iOS kernel XNU, Manuals, Metrics, operating system kernels, pubcrawl, Resiliency, security, security of data, security vulnerabilities, statistical analysis, vulnerability detection, XNU kernel vulnerabilities, XNU kernel vulnerability
Abstract: The occurrence of security vulnerabilities in kernel, especially for macOS/iOS kernel XNU, has increased rapidly in recent years. Naturally, concerns were raised due to the high risks they would lead to, which in general are much more serious than common application vulnerabilities. However, discovering XNU kernel vulnerabilities is always very challenging, and the main approach in practice is still manual analysis, which obviously is not a scalable method. In this paper, we perform an in-depth empirical study on the 406 published XNU kernel vulnerabilities to identify distinguishing characteristics of them and then leverage the features to guide our vulnerability detection, i.e., locating suspicious functions. To further improve the efficiency of vulnerability detection, we present KInspector, a new and lightweight framework to detect XNU kernel vulnerabilities by leveraging feedback-based fuzzing techniques. We thoroughly evaluate our approach on XNU with various versions, and the results turn out to be quite promising: 21 N/0-day vulnerabilities have been discovered in our experiments.
DOI: 10.1109/DSN-W.2018.00014
Citation Key: liu_hardening_2018