A framework for dynamic subversion
Download
Author
Rogers, David T.
Date
2003-06Advisor
Irvine, Cynthia E.
Second Reader
Schell, Roger R.
Metadata
Show full item recordAbstract
The subversion technique of attacking an operating system is often overlooked in information security. Operating Systems are vulnerable throughout their lifecycle in that small artifices can be inserted into an operating system's code that, on command, can completely disable its security mechanisms. To illustrate that this threat is viable, it is shown that it is not difficult for an attacker to implement the framework for the "two-card loader" type of subversion, a trap door which enables the insertion of arbitrary code into the operating system while the system is deployed and running. This framework provides several services such as memory allocation in the attacked system, and mechanisms for relocating, linking and loading the inserted attack code. Additionally, this thesis shows how Windows XP embedded designers can use Intel's x86 hardware more effectively to build a higher assurance operating system. Principles of hardware support are discussed and recommendations are presented. Subversion is overlooked because critics believe the attack is too difficult to carry out. It is illustrated in this thesis that this is simply not the case. Anyone with access to the operating system code at some point in its lifecycle can design a fairly elaborate subversion artifice with modest effort.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
An exfiltration subversion demonstration
Murray, Jessica L. (Monterey, California. Naval Postgraduate School, 2003-06);A dynamic subversion attack on the Windows XP Embedded operating system is demonstrated to raise awareness in developers and consumers of the risk of subversion in commercial operating systems that may be safety critical. ... -
Using the bootstrap concept to build an adaptable and compact subversion artifice
Lack, Lindsey A. (Monterey, California. Naval Postgraduate School, 2003-06);The attack of choice for a professional attacker is system subversion: the insertion of a trap door that allows the attacker to bypass an operating system's protection controls. This attack provides significant capabilities ... -
CGC monitor: A vetting system for the DARPA cyber grand challenge
Thompson, Michael F.; Vidas, Timothy (Elsevier, 2018);The DARPA Cyber Grand Challenge (CGC) pit autonomous machines against one another in a battle to discover, mitigate, and take advantage of software vulnerabilities. The competitors repeatedly formulated and submitted binary ...