Containing a Confused Deputy on x86: A Survey of Privilege Escalation Mitigation Techniques
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2016, Vol 7, Issue 4
Abstract
The weak separation between user- and kernelspace in modern operating systems facilitates several forms of privilege escalation. This paper provides a survey of protection techniques, both cutting-edge and time-tested, used to prevent common privilege escalation attacks. The techniques are compared against each other in terms of their effectiveness, their performance impact, the complexity of their implementation, and their impact on diversification techniques such as ASLR. Overall the literature provides a litany of disjoint techniques, each of which trades some performance cost for effectiveness against a particular isolated threat. No single technique was found to effectively mitigate all known and potential attack vectors with reasonable performance cost overhead.
Authors and Affiliations
Scott Brookes, Stephen Taylor
Keywords
Related Articles
- EP ID EP149092
- DOI 10.14569/IJACSA.2016.070463
- Views 115
- Downloads 0
Throughput Analysis of Ieee802.11b Wireless Lan With One Access Point Using Opnet Simulator
This paper analyzes the throughput performance of IEEE 802.11b Wireless Local Area Network (WLAN) with one access point. The IEEE 802.11b is a wireless protocol standard. In this paper, a wireless network was estab...
Resources Management of Mobile Network IEEE 802.16e WiMAX
The evolution of the world of telecommunications towards the mobile multimedia following the technological advances has demonstrated that to provide access to the network is no longer sufficient. The need for users is to...
Fuzzy Risk-based Decision Method for Vehicular Ad Hoc Networks
A vehicular ad hoc network (VANET) is an emerging technology that has the potential to improve road safety and traveler comfort. In VANETs, mobile vehicles communicate with each other for the purpose of sharing various k...
Building a Robust Client-Side Protection Against Cross Site Request Forgery
In recent years, the web has been an indispensable part of business all over the world and web browsers have become the backbones of today's systems and applications. Unfortunately, the number of web application attacks...
Individual Syllabus for Personalized Learner-Centric E-Courses in E-Learning and M-Learning
Most of e-learning and m-learning systems are course-centric. These systems provided services that concentrated on course material and pedagogical. They did not take into account varieties of student levels, skills, inte...