Containing a Confused Deputy on x86: A Survey of Privilege Escalation Mitigation Techniques
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2016, Vol 7, Issue 4
Abstract
The weak separation between user- and kernelspace in modern operating systems facilitates several forms of privilege escalation. This paper provides a survey of protection techniques, both cutting-edge and time-tested, used to prevent common privilege escalation attacks. The techniques are compared against each other in terms of their effectiveness, their performance impact, the complexity of their implementation, and their impact on diversification techniques such as ASLR. Overall the literature provides a litany of disjoint techniques, each of which trades some performance cost for effectiveness against a particular isolated threat. No single technique was found to effectively mitigate all known and potential attack vectors with reasonable performance cost overhead.
Authors and Affiliations
Scott Brookes, Stephen Taylor
Keywords
Related Articles
- EP ID EP149092
- DOI 10.14569/IJACSA.2016.070463
- Views 116
- Downloads 0
Cloud and Web Technologies: Technical Improvements and Their Implications on E-Governance
Cloud computing technology helps to improve ICT based services like e-governance execution and create new business opportunities and their implementation. Cloud computing is an evolution of web based internet application...
STUDY OF INDIAN BANKS WEBSITES FOR CYBER CRIME SAFETY MECHANSIM
The human society has undergone tremendous changes from time to time with rapid pace at social level from the beginning and technological level ever since the rise of technologies. This technology word changes the human...
Meteonowcasting using Deep Learning Architecture
The area of deep learning has enjoyed a resurgence on its peak, in almost every field of interest. Weather forecasting is a complicated and one of the most challenging tasks that includes observing and processing huge am...
Linking Context to Data Warehouse Design
Data warehouses are now widely used for analysis and decision support purposes. The availability of software solutions, which are more and more user-friendly and easy to manipulate has made it possible to extend their us...
Development of a Computer Aided Transport Monitoring System (CATRAMS) for Manufacturing Organizations
Presently, there are different types of monitoring systems and devices being used to monitor vehicles, products, processes and activities in manufacturing organizations. Each of these devices has their unique strengths a...