DocumentCode
261371
Title
A method for system calls sandboxing based on atomic trusted code region
Author
Subotic, Milos ; Fimic, Nemanja ; Dejanovic, Darko ; Miljkovic, Goran
Author_Institution
RT-RK Inst. for Comput. Based Syst., Novi Sad, Serbia
fYear
2014
fDate
7-10 Sept. 2014
Firstpage
453
Lastpage
456
Abstract
This paper presents a new algorithm for the sandboxing system calls based on the atomic trusted code region. The algorithm successfully protects against any kind of code-injection attacks as well as any kind of mimicry attack including known-address attacks and scanning attacks. The algorithm is lightweight and simple. The implementation of algorithm does not need any change on an untrusted machine code and does not need extensive changes on system source code. Whole security policy could be enforced in user space as a plug-in, which gives great flexibility.
Keywords
security of data; atomic trusted code region; code-injection attacks; known-address attacks; mimicry attack; sandboxing system calls; scanning attacks; security policy; system source code; untrusted machine code; user space; Aerospace electronics; Androids; Kernel; Libraries; Security; Sockets; Security; code-injection; mimicry attack; sandboxing; system calls;
fLanguage
English
Publisher
ieee
Conference_Titel
Consumer Electronics ??? Berlin (ICCE-Berlin), 2014 IEEE Fourth International Conference on
Conference_Location
Berlin
Type
conf
DOI
10.1109/ICCE-Berlin.2014.7034257
Filename
7034257
Link To Document