通过算法复杂性攻击利用Unix文件系统竞争

2009 30th IEEE Symposium on Security and Privacy Pub Date : 2009-05-17 DOI:10.1109/SP.2009.10

Xiang Cai, Yuwei Gui, Rob Johnson

{"title":"通过算法复杂性攻击利用Unix文件系统竞争","authors":"Xiang Cai, Yuwei Gui, Rob Johnson","doi":"10.1109/SP.2009.10","DOIUrl":null,"url":null,"abstract":"We defeat two proposed Unix file-system race condition defense mechanisms. First, we attack the probabilistic defense mechanism of Tsafrir, et al., published at USENIX FAST 2008. We then show that the same attack breaks the kernel-based dynamic race detector of Tsyrklevich and Yee, published at USENIX Security 2003. We then argue that all kernel-based dynamic race detectors must have a model of the programs they protect or provide imperfect protection. The techniques we develop for performing these attacks work on multiple Unix operating systems, on uni- and multi-processors, and are useful for exploiting most Unix file-system races. We conclude that programmers should use provably-secure methods for avoiding race conditions when accessing the file-system.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"66","resultStr":"{\"title\":\"Exploiting Unix File-System Races via Algorithmic Complexity Attacks\",\"authors\":\"Xiang Cai, Yuwei Gui, Rob Johnson\",\"doi\":\"10.1109/SP.2009.10\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We defeat two proposed Unix file-system race condition defense mechanisms. First, we attack the probabilistic defense mechanism of Tsafrir, et al., published at USENIX FAST 2008. We then show that the same attack breaks the kernel-based dynamic race detector of Tsyrklevich and Yee, published at USENIX Security 2003. We then argue that all kernel-based dynamic race detectors must have a model of the programs they protect or provide imperfect protection. The techniques we develop for performing these attacks work on multiple Unix operating systems, on uni- and multi-processors, and are useful for exploiting most Unix file-system races. We conclude that programmers should use provably-secure methods for avoiding race conditions when accessing the file-system.\",\"PeriodicalId\":161757,\"journal\":{\"name\":\"2009 30th IEEE Symposium on Security and Privacy\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-05-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"66\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 30th IEEE Symposium on Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SP.2009.10\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 30th IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.2009.10","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 66

摘要

我们挫败了两种被提议的Unix文件系统竞争条件防御机制。首先，我们攻击Tsafrir等人在USENIX FAST 2008上发表的概率防御机制。然后，我们展示了相同的攻击破坏了tsyklevich和Yee在USENIX Security 2003上发表的基于内核的动态竞争检测器。然后，我们认为所有基于内核的动态竞态检测器都必须有一个它们所保护的程序的模型，或者提供不完美的保护。我们开发的用于执行这些攻击的技术适用于多个Unix操作系统、单处理器和多处理器，并且对于利用大多数Unix文件系统竞争非常有用。我们得出的结论是，程序员在访问文件系统时应该使用可证明安全的方法来避免竞争条件。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Exploiting Unix File-System Races via Algorithmic Complexity Attacks

We defeat two proposed Unix file-system race condition defense mechanisms. First, we attack the probabilistic defense mechanism of Tsafrir, et al., published at USENIX FAST 2008. We then show that the same attack breaks the kernel-based dynamic race detector of Tsyrklevich and Yee, published at USENIX Security 2003. We then argue that all kernel-based dynamic race detectors must have a model of the programs they protect or provide imperfect protection. The techniques we develop for performing these attacks work on multiple Unix operating systems, on uni- and multi-processors, and are useful for exploiting most Unix file-system races. We conclude that programmers should use provably-secure methods for avoiding race conditions when accessing the file-system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 30th IEEE Symposium on Security and Privacy

自引率

0.00%

发文量

期刊最新文献

A Logic of Secure Systems and its Application to Trusted Computing Noninterference for a Practical DIFC-Based Operating System Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS Deployments Formally Certifying the Security of Digital Signature Schemes Password Cracking Using Probabilistic Context-Free Grammars