Detecting race condition attacks on file systems

Posted on:2006-07-08

Degree:M.S

Type:Thesis

University:University of Missouri - Kansas City

Candidate:Vuchuru, Mayura

Full Text:PDF

GTID:2458390008975678

Subject:Computer Science

Abstract/Summary:

Race conditions on files occur when a process assumes that a sequence of operations on a file is atomic. However, during the timing window between these two operations, a malicious process can change characteristics of the file that the victim process is accessing. Hence the victim process will now operate on a modified or different file for its next operation. Several attacks have successfully exploited these race conditions causing significant damage especially when the victim process is running with super-user privileges. Our system provides a mechanism that will allow the detection of different types of file based race condition attacks. This is done by enforcement of two types of security policies: generic policies applicable to most programs and program-specific policies which incorporate a program's behavior. We discuss an evaluation of our system using an attack set we developed from CERT and RedHat Linux advisories.

Keywords/Search Tags:

File, Race, Process, Attacks

Related items

1	Study On Techniques Of Interpretation And Verification For BPEL Process
2	On The Reliability Of A Voting System Under Malicious Attacks
3	Studies On Process Deploy Techniques Of The BPEL Engine
4	Studies On Process Deploy Techniques Of The Bpel Engine
5	Research On Dynamic Data Race Detection
6	Control and Inspection of Distributed Process Groups at Extreme Scale via Group File Semantics
7	Research And Implement Of Host-based File Realtime Monitor Technology
8	Data Race Detection With Pending Period Representation
9	Simplified Semantics and Debugging of Concurrent Programs via Targeted Race Detection
10	The Design And Implementation Of File Management System In Fishery Supervision Bureau