| 基于模拟攻击的内核提权漏洞自动利用系统 |
| |
| 作者姓名: | 李晓琦 刘奇旭 张玉清 |
| |
| 作者单位: | 中国科学院大学 国家计算机网络入侵防范中心, 北京 101408 |
| |
| 基金项目: | 国家自然科学基金(61272481,61303239)、北京市自然科学基金(4122089)和国家发改委信息安全专项(发改办高技[2012]1424)资助 |
| |
| 摘 要: | 针对Linux下的内核级提权漏洞,基于模拟攻击的漏洞检测思想,设计并开发漏洞自动利用系统KernelPET,揭示典型提权漏洞的利用过程,从而为漏洞防御提供支持.KernelPET系统与主流漏洞库exploit-db、securityfocus等衔接,模拟攻击测试近百个提权漏洞,挑选30个经典的Linux内核提权漏洞载入KernelPET漏洞代码库,并基于不同内核、不同发行版的Linux平台测试.实验结果表明,KernelPET在多类发行版Linux系统下具有较好的效果.
|
| 关 键 词: | Linux内核 提权漏洞 漏洞利用 系统安全 |
| 收稿时间: | 2014-07-28 |
| 修稿时间: | 2014-10-13 |
Automatically exploiting system of kernel privilege escalation vulnerabilities based on imitating attack |
| |
| Authors: | LI Xiaoqi LIU Qixu ZHANG Yuqing |
| |
| Institution: | National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408, China |
| |
| Abstract: | This paper focuses on the Linux kernel-level privilege escalation vulnerabilities. Based on vulnerability detection thoughts of imitating attack, we design and develop an automated privilege escalation vulnerabilities exploiting system KernelPET. It reveals the typical process of exploiting privilege escalation vulnerabilities, and provides support to vulnerabilities defense. KernelPET is developed with today's mainstream vulnerability databases: exploit-db, securityfocus, etc. We test nearly one hundred of privilege escalation vulnerabilities by simulated attack, select 30 classic Linux kernel privilege escalation vulnerabilities, and load them into KernelPET exploiting code libraries. The system is tested on different cores and releases of the Linux platform. Experimental results show that KernelPET runs in multi-class releases of Linux system with good results. |
| |
| Keywords: | Linux kernel privilege escalation vulnerabilities exploits system security |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《》浏览原始摘要信息 |
| 点击此处可从《》下载免费的PDF全文 |
|
