Practical {Data-Only} Attack Generation
As control-flow hijacking is getting harder due to increasingly sophisticated CFI solutions,
recent work has instead focused on automatically building data-only attacks, typically using …
recent work has instead focused on automatically building data-only attacks, typically using …
{VIPER}: Spotting {Syscall-Guard} Variables for {Data-Only} Attacks
As control-flow protection techniques are widely deployed, it is difficult for attackers to modify
control data, like function pointers, to hijack program control flow. Instead, data-only attacks …
control data, like function pointers, to hijack program control flow. Instead, data-only attacks …
Syspart: Automated temporal system call filtering for binaries
VL Rajagopalan, K Kleftogiorgos, E Göktas… - Proceedings of the …, 2023 - dl.acm.org
Restricting the system calls available to applications reduces the attack surface of the kernel
and limits the functionality available to compromised applications. Recent approaches …
and limits the functionality available to compromised applications. Recent approaches …
Evaluating the Effect of Improved Indirect Call Resolution on System Call Debloating
VL Rajagopalan, G Portokalidis - Proceedings of the 2024 Workshop on …, 2024 - dl.acm.org
Applications use only a small set of the system calls made available by the operating
system. Modifying programs to debloat or disallow unused system calls is a mitigation …
system. Modifying programs to debloat or disallow unused system calls is a mitigation …
B-Side: Binary-Level Static System Call Identification
G Thévenon, K Nguetchouang, K Lazri… - Proceedings of the 25th …, 2024 - dl.acm.org
System call filtering is widely used to secure programs in multi-tenant environments, and to
sandbox applications in modern desktop software deployment and package management …
sandbox applications in modern desktop software deployment and package management …
Making'syscall'a Privilege not a Right
Browsers, Library OSes, and system emulators rely on sandboxes and in-process isolation
to emulate system resources and securely isolate untrusted components. All access to …
to emulate system resources and securely isolate untrusted components. All access to …
KUBEROSY: A Dynamic System Call Filtering Framework for Containers
With the rapid adoption of cloud environments, container technology has become crucial for
the efficient operation of large-scale applications. Although container technology offers high …
the efficient operation of large-scale applications. Although container technology offers high …
Attack Surface Reduction Through System Call Filtering
S Ghavamnia - 2023 - search.proquest.com
Attack surface reduction through the removal of unnecessary application features and code
is a promising technique for improving security without incurring any additional overhead …
is a promising technique for improving security without incurring any additional overhead …