IEEE Access (Jan 2018)
PrivGuard: Protecting Sensitive Kernel Data From Privilege Escalation Attacks
Abstract
Kernels of operating systems are written in low-level unsafe languages, which makes them inevitably vulnerable to memory corruption attacks. Most existing kernel defense mechanisms focus on preventing control-data attacks. Recently, attackers have turned to non-control-data attacks that hijack data flow, so as to bypass current defense mechanisms. Previous work has proved that non-control-data attacks are the critical threat to kernels. One of the important purposes of these attacks is to achieve privilege escalation by overwriting sensitive kernel data. The goal of our research is to develop a lightweight protection mechanism to mitigate non-control-data attacks that compromise sensitive kernel data. We propose an approach that mitigates privilege escalation attacks by enforcing the integrity of sensitive kernel data, preventing illegal writes to these data. The main challenge of the proposed approach is to validate modifications of sensitive kernel data at runtime. The validation routine must verify the legitimacy of the duplicated sensitive data and ensure the credibility of the verification. To address this challenge, we modify the system call entry point to monitor changes to the sensitive kernel data without any change to the Linux access control mechanism. Then, we use stack canaries to protect the duplicates of sensitive kernel data that are used for integrity checking. In addition, we protect the integrity of sensitive kernel data by forbidding illegal updates to them. We have implemented the prototype for the Linux kernel on the Ubuntu Linux platform. The evaluation results of our prototype demonstrate that it can mitigate privilege escalation attacks and that its performance overhead is moderate.
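The check the abstract describes (duplicate the sensitive data at system call entry, guard the duplicate with canaries, compare on the way out) can be modelled in user space as follows. This is an added illustration, not PrivGuard's code: the `cred_model` fields, the `may_change` policy flag and the canary value are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct cred_model { uint32_t uid, gid, euid, egid; };   /* stand-in for kernel creds */
struct guarded_copy {            /* entry-time duplicate, bracketed by canaries */
    uint64_t canary_lo;
    struct cred_model saved;
    uint64_t canary_hi;
};
enum verdict { OK, CRED_TAMPERED, COPY_TAMPERED };
static uint32_t last_euid;       /* euid seen after the last simulated call */

static void entry_snapshot(struct guarded_copy *g, const struct cred_model *c, uint64_t canary) {
    g->canary_lo = canary; g->saved = *c; g->canary_hi = canary;
}

/* may_change: hypothetical policy bit, set for calls allowed to update creds */
static enum verdict exit_check(const struct guarded_copy *g, struct cred_model *c,
                               uint64_t canary, int may_change) {
    if (g->canary_lo != canary || g->canary_hi != canary)
        return COPY_TAMPERED;    /* reference copy itself is untrustworthy */
    if (memcmp(&g->saved, c, sizeof *c) != 0 && !may_change) {
        *c = g->saved;           /* reject the illegal update by restoring */
        return CRED_TAMPERED;
    }
    return OK;
}

/* Constructed scenario: one simulated system call with optional corruption. */
static enum verdict simulate(int hit_cred, int hit_copy, int may_change) {
    const uint64_t canary = 0x5a17c0de9e3779b9ULL;  /* constructed value */
    struct cred_model cred = { 1000, 1000, 1000, 1000 };
    struct guarded_copy g;
    entry_snapshot(&g, &cred, canary);
    if (hit_cred) cred.euid = 0;                     /* models a stray write */
    if (hit_copy)                                    /* write runs 1 byte past the copy */
        memset((unsigned char *)&g + offsetof(struct guarded_copy, saved), 0,
               sizeof g.saved + 1);
    enum verdict v = exit_check(&g, &cred, canary, may_change);
    last_euid = cred.euid;
    return v;
}

int main(void) {
    printf("clean=%d tampered=%d allowed=%d copy_hit=%d\n", simulate(0, 0, 0),
           simulate(1, 0, 0), simulate(1, 0, 1), simulate(0, 1, 0));
    return 0;
}
```

The canary check runs first because a comparison against a corrupted duplicate proves nothing about the live data.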
Keywords