Research On SELinux-based Methods Of Preventing Kernel Privilege-escalation Attacks

Posted on: 2016-03-28
Degree: Master
Type: Thesis
Country: China
Candidate: Y D Zuo
Full Text: PDF
GTID: 2348330536967371
Subject: Computer Science and Technology

Abstract/Summary:
As their scope of application expands, Linux operating systems face more security threats, and one of the serious threats is the privilege-escalation attack. Once attackers elevate their user identity from normal user to root user, they can control the whole system. As defence technologies continue to develop, various attack methods have appeared. In recent years, security researchers have focused on privilege-escalation vulnerabilities in the Linux kernel. With fine-grained access control, SELinux has reduced the threat of privilege-escalation attacks on Linux systems.

First, we analyzed the typical security mechanisms of Linux and the basic methods of exploiting kernel vulnerabilities, and studied how effective SELinux is as a defence against privilege-escalation attacks. Through this study, we found that SELinux cannot defend against kernel privilege-escalation attacks completely: attackers can complete a privilege-escalation attack by modifying the process's security context.

Second, to address this problem, we proposed a security identifier randomization method. This method increases the uncertainty of the relationship between security context and security identifier, so that attackers cannot predict the security identifier associated with a security context. The method therefore increases the difficulty of kernel privilege-escalation attacks.

Finally, to address the shortcomings of the randomization method, we proposed an anti-tamper detection method. There is a possibility that attackers can break through the randomization method; the anti-tamper detection method can detect illegal modification of security identifiers. In this way we can prevent kernel privilege-escalation attacks from breaking through the defence of SELinux.
Keywords/Search Tags: privilege escalation, kernel vulnerability, system security, SELinux