Volume 11 Number 4 (Jul. 2016)
Home > Archive > 2016 > Volume 11 Number 4 (Jul. 2016) >
JCP 2016 Vol.11(4): 280-288 ISSN: 1796-203X
doi: 10.17706/jcp.11.4.280-288

Libra: An Adaptive Method for Protecting Memory from Arbitrary Overwrite

Chun-Yi Wang1, Chieh-Wei Huang1, Fu-Hau Hsu1, Shih-Jen Chen2, Yao-Hsin Chen3
1Department of Computer Science and Information Engineering, National Central University, Taoyuan, Taiwan, R.O.C.
2Institute for Information Industry, Taipei, Taiwan, R.O.C.
3Information and Communication Research Laboratories, Industrial Technology Research Institute, Hsinchu, Taiwan, R.O.C.


Abstract—There have been more vulnerabilities in the Linux kernel in 2013 than there had been in the previous decade. In this paper, the research was focused on defending against arbitrary memory overwrite in privilege escalation. To avoid malicious users getting root authority, the easiest way is to set the sensitive data structure to read-only. But we are not sure the sensitive data structure will never be modified by legal behavior from a normal device driver; thus, we posed an adaptive solution between read-only solutions and writable solutions which is based on the mechanism of read-only IDT table to enhance compatibility. The main idea that we posed not only solves the above problem, but also the general problem which is ensuring that important memory values can only be changed within a safe range. It is not just set to read-only. In addition, we do not need to care about if the Linux kernel exists any the vulnerabilities of arbitrary memory overwrite.

Index Terms—Arbitrary memory overwrite, exploit, Linux kernel vulnerabilities, privilege escalation.

[PDF]

Cite: Chun-Yi Wang, Chieh-Wei Huang, Fu-Hau Hsu, Shih-Jen Chen, Yao-Hsin Chen, "Libra: An Adaptive Method for Protecting Memory from Arbitrary Overwrite," Journal of Computers vol. 11, no. 4, pp. 280-288, 2016.

General Information

ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO,  ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat,etc
E-mail: jcp@iap.org
  • Nov 14, 2019 News!

    Vol 14, No 11 has been published with online version   [Click]

  • Mar 20, 2020 News!

    Vol 15, No 2 has been published with online version   [Click]

  • Dec 16, 2019 News!

    Vol 14, No 12 has been published with online version   [Click]

  • Sep 16, 2019 News!

    Vol 14, No 9 has been published with online version   [Click]

  • Aug 16, 2019 News!

    Vol 14, No 8 has been published with online version   [Click]

  • Read more>>