Visible to the public Biblio

Filters: Keyword is operating system security  [Clear All Filters]
2022-07-29
Iqbal, Shahrear.  2021.  A Study on UAV Operating System Security and Future Research Challenges. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC). :0759—0765.
The popularity of Unmanned Aerial Vehicles (UAV) or more commonly known as Drones is increasing recently. UAVs have tremendous potential in various industries, e.g., military, agriculture, transportation, movie, supply chain, and surveillance. UAVs are also popular among hobbyists for photography, racing, etc. Despite the possibilities, many UAV related security incidents are reported nowadays. UAVs can be targeted by malicious parties and if compromised, life-threatening activities can be performed using them. As a result, governments around the world have started to regulate the use of UAVs. We believe that UAVs need an intelligent and automated defense mechanism to ensure the safety of humans, properties, and the UAVs themselves. A major component where we can incorporate the defense mechanism is the operating system. In this paper, we investigate the security of existing operating systems used in consumer and commercial UAVs. We then survey various security issues of UAV operating systems and possible solutions. Finally, we discuss several research challenges for developing a secure operating system for UAVs.
2022-03-14
Mambretti, Andrea, Sandulescu, Alexandra, Sorniotti, Alessandro, Robertson, William, Kirda, Engin, Kurmus, Anil.  2021.  Bypassing memory safety mechanisms through speculative control flow hijacks. 2021 IEEE European Symposium on Security and Privacy (EuroS P). :633–649.
The prevalence of memory corruption bugs in the past decades resulted in numerous defenses, such as stack canaries, control flow integrity (CFI), and memory-safe languages. These defenses can prevent entire classes of vulnerabilities, and help increase the security posture of a program. In this paper, we show that memory corruption defenses can be bypassed using speculative execution attacks. We study the cases of stack protectors, CFI, and bounds checks in Go, demonstrating under which conditions they can be bypassed by a form of speculative control flow hijack, relying on speculative or architectural overwrites of control flow data. Information is leaked by redirecting the speculative control flow of the victim to a gadget accessing secret data and acting as a side channel send. We also demonstrate, for the first time, that this can be achieved by stitching together multiple gadgets, in a speculative return-oriented programming attack. We discuss and implement software mitigations, showing moderate performance impact.
2022-02-22
Ordouie, Navid, Soundararajan, Nirmala, Karne, Ramesh, Wijesinha, Alexander L..  2021.  Developing Computer Applications without any OS or Kernel in a Multi-core Architecture. 2021 International Symposium on Networks, Computers and Communications (ISNCC). :1—8.
Over the years, operating systems (OSs) have grown significantly in complexity and size providing attackers with more avenues to compromise their security. By eliminating the OS, it becomes possible to develop general-purpose non-embedded applications that are free of typical OS-related vulnerabilities. Such applications are simpler and smaller in size, making it easier secure the application code. Bare machine computing (BMC) applications run on ordinary desktops and laptops without the support of any operating system or centralized kernel. Many BMC applications have been developed previously for single-core systems. We show how to build BMC applications for multicore systems by presenting the design and implementation of a novel UDP-based bare machine prototype Web server for a multicore architecture. We also include preliminary experimental results from running the server on the Internet. This work provides a foundation for building secure computer applications that run on multicore systems without the need for intermediary software.
2018-01-23
Moon, Hyungon, Lee, Jinyong, Hwang, Dongil, Jung, Seonhwa, Seo, Jiwon, Paek, Yunheung.  2017.  Architectural Supports to Protect OS Kernels from Code-Injection Attacks and Their Applications. ACM Trans. Des. Autom. Electron. Syst.. 23:10:1–10:25.

The kernel code injection is a common behavior of kernel-compromising attacks where the attackers aim to gain their goals by manipulating an OS kernel. Several security mechanisms have been proposed to mitigate such threats, but they all suffer from non-negligible performance overhead. This article introduces a hardware reference monitor, called Kargos, which can detect the kernel code injection attacks with nearly zero performance cost. Kargos monitors the behaviors of an OS kernel from outside the CPU through the standard bus interconnect and debug interface available with most major microprocessors. By watching the execution traces and memory access events in the monitored target system, Kargos uncovers attempts to execute malicious code with the kernel privilege. On top of this, we also applied the architectural supports for Kargos to the detection of ROP attacks. KS-Stack is the hardware component that builds and maintains the shadow stacks using the existing supports to detect this ROP attacks. According to our experiments, Kargos detected all the kernel code injection attacks that we tested, yet just increasing the computational loads on the target CPU by less than 1% on average. The performance overhead of the KS-Stack was also less than 1%.

2017-05-30
Johnson, Ryan V., Lass, Jessie, Petullo, W. Michael.  2016.  Studying Naive Users and the Insider Threat with SimpleFlow. Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats. :35–46.

Most access control systems prohibit illicit actions at the moment they seem to violate a security policy. While effective, such early action often clouds insight into the intentions behind negligent or willful security policy violations. Furthermore, existing control mechanisms are often very low-level; this hinders understanding because controls must be spread throughout a system. We propose SimpleFlow, a simple, information-flow-based access control system which allows illicit actions to occur up until sensitive information would have left the local network. SimpleFlow marks such illicit traffic before transmission, and this allows network devices to filter such traffic in a number of ways. SimpleFlow can also spoof intended recipients to trick malware into revealing application-layer communication messages even while blocking them. We have written SimpleFlow as a modification to the Linux kernel, and we have released our work as open source.

2017-05-17
Hsu, Terry Ching-Hsiang, Hoffman, Kevin, Eugster, Patrick, Payer, Mathias.  2016.  Enforcing Least Privilege Memory Views for Multithreaded Applications. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :393–405.

Failing to properly isolate components in the same address space has resulted in a substantial amount of vulnerabilities. Enforcing the least privilege principle for memory accesses can selectively isolate software components to restrict attack surface and prevent unintended cross-component memory corruption. However, the boundaries and interactions between software components are hard to reason about and existing approaches have failed to stop attackers from exploiting vulnerabilities caused by poor isolation. We present the secure memory views (SMV) model: a practical and efficient model for secure and selective memory isolation in monolithic multithreaded applications. SMV is a third generation privilege separation technique that offers explicit access control of memory and allows concurrent threads within the same process to partially share or fully isolate their memory space in a controlled and parallel manner following application requirements. An evaluation of our prototype in the Linux kernel (TCB textless 1,800 LOC) shows negligible runtime performance overhead in real-world applications including Cherokee web server (textless 0.69%), Apache httpd web server (textless 0.93%), and Mozilla Firefox web browser (textless 1.89%) with at most 12 LOC changes.

2015-05-05
Sihan Qing.  2014.  Some issues regarding operating system security. Computer and Information Science (ICIS), 2014 IEEE/ACIS 13th International Conference on. :1-1.

Summary form only given. In this presentation, several issues regarding operating system security will be investigated. The general problems of OS security are to be addressed. We also discuss why we should consider the security aspects of the OS, and when a secure OS is needed. We delve into the topic of secure OS design as well focusing on covert channel analysis. The specific operating systems under consideration include Windows and Android.