{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,8]],"date-time":"2024-09-08T11:44:04Z","timestamp":1725795844331},"publisher-location":"Cham","reference-count":58,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319085081"},{"type":"electronic","value":"9783319085098"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-08509-8_12","type":"book-chapter","created":{"date-parts":[[2014,6,13]],"date-time":"2014-06-13T07:04:32Z","timestamp":1402643072000},"page":"212-234","source":"Crossref","is-referenced-by-count":19,"title":["Quantifiable Run-Time Kernel Attack Surface Reduction"],"prefix":"10.1007","author":[{"given":"Anil","family":"Kurmus","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sergej","family":"Dechand","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"R\u00fcdiger","family":"Kapitza","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"12_CR1","unstructured":"Accetta, M., Baron, R., Golub, D., Rashid, R., Tevanian, A., Young, M.: MACH: A New Kernel Foundation for UNIX Development. In: Proceedings of the USENIX Summer Conference (1986)"},{"key":"12_CR2","unstructured":"Acharya, A., Raje, M.: MAPbox: using parameterized behavior classes to confine untrusted applications. In: Proceedings of the 9th conference on USENIX Security Symposium-Volume, vol.\u00a09 (2000)"},{"key":"12_CR3","unstructured":"Boyd-Wickizer, S., Zeldovich, N.: Tolerating malicious device drivers in linux. In: Proceedings of the 2010 USENIX Conference on USENIX Annual Technical Conference, Berkeley, CA, USA (2010)"},{"key":"12_CR4","doi-asserted-by":"crossref","unstructured":"Canali, D., Lanzi, A., Balzarotti, D., Kruegel, C., Christodorescu, M., Kirda, E.: A quantitative study of accuracy in system call-based malware detection. In: Proceedings of the 2012 International Symposium on Software Testing and Analysis, New York, NY, USA (2012)","DOI":"10.1145\/2338965.2336768"},{"key":"12_CR5","doi-asserted-by":"crossref","unstructured":"Carbone, M., Cui, W., Lu, L., Lee, W., Peinado, M., Jiang, X.: Mapping kernel objects to enable systematic integrity checking. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, New York, NY, USA (2009)","DOI":"10.1145\/1653662.1653729"},{"key":"12_CR6","unstructured":"Castro, M., Costa, M., Martin, J.P., Peinado, M., Akritidis, P., Donnelly, A., Barham, P., Black, R.: Fast byte-granularity software fault isolation. In: [40]"},{"key":"12_CR7","doi-asserted-by":"crossref","unstructured":"Chanet, D., Sutter, B.D., Bus, B.D., Put, L.V., Bosschere, K.D.: System-wide compaction and specialization of the linux kernel. In: Proceedings of the 2005 ACM SIGPLAN\/SIGBED Conference on Languages, Compilers and Tools for Embedded Systems (LCTES 2005), New York, NY, USA (2005)","DOI":"10.1145\/1065910.1065925"},{"key":"12_CR8","doi-asserted-by":"crossref","unstructured":"Criswell, J., Lenharth, A., Dhurjati, D., Adve, V.: Secure virtual architecture: A safe execution environment for commodity operating systems. In: Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP 2007), New York, NY, USA (2007)","DOI":"10.1145\/1294261.1294295"},{"key":"12_CR9","unstructured":"Dan, A., Mohindra, A., Ramaswami, R., Sitaram, D.: Chakravyuha: A sandbox operating system for the controlled execution of alien code. Tech. rep., IBM TJ Watson research center (1997)"},{"key":"12_CR10","unstructured":"Donenfeld, J.A.: Linux local privilege escalation via suid \/proc\/pid\/mem write (2012), http:\/\/blog.zx2c4.com\/749"},{"key":"12_CR11","unstructured":"Esser, S.: iOS Kernel Exploitation (2011), http:\/\/media.blackhat.com\/bh-us-11\/Esser\/BH_US_11_Esser_Exploiting_The_iOS_Kernel_Slides.pdf"},{"key":"12_CR12","unstructured":"Evans, C.: Pwnium 3 and Pwn2Own Results (2012), http:\/\/blog.chromium.org\/2013\/03\/pwnium-3-and-pwn2own-results.html"},{"key":"12_CR13","unstructured":"Feng, H.H., Kolesnikov, O.M., Fogla, P., Lee, W., Gong, W.: Anomaly detection using call stack information. In: Proceedings of the 2003 IEEE Symposium on Security and Privacy, Washington, DC, USA (2003)"},{"key":"12_CR14","doi-asserted-by":"crossref","unstructured":"Forrest, S., Hofmeyr, S., Somayaji, A.: The evolution of system-call monitoring. In: Proceedings of the 2008 Annual Computer Security Applications Conference, Washington, DC, USA (2008)","DOI":"10.1109\/ACSAC.2008.54"},{"key":"12_CR15","unstructured":"Forrest, S., Hofmeyr, S.A., Somayaji, A., Longstaff, T.A.: A sense of self for unix processes. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, Washington, DC, USA (1996)"},{"key":"12_CR16","doi-asserted-by":"crossref","unstructured":"Gao, D., Reiter, M.K., Song, D.: Gray-box extraction of execution graphs for anomaly detection. In: Proceedings of the 11th ACM Conference on Computer and Communicastions Security, New York, NY, USA (2004)","DOI":"10.1145\/1030083.1030126"},{"key":"12_CR17","unstructured":"Garfinkel, T.: Traps and pitfalls: Practical problems in system call interposition based security tools. In: NDSS (2003)"},{"key":"12_CR18","unstructured":"Goldberg, I., Wagner, D., Thomas, R., Brewer, E.A.: A secure environment for untrusted helper applications confining the wily hacker. In: Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, vol.\u00a06 (1996)"},{"key":"12_CR19","unstructured":"Google: Seccomp sandbox for linux (2009)"},{"key":"12_CR20","unstructured":"Hartig, H., Hohmuth, M., Feske, N., Helmuth, C., Lackorzynski, A., Mehnert, F., Peter, M.: The nizza secure-system architecture. In: 2005 International Conference on Collaborative Computing: Networking, Applications and Worksharing (2005)"},{"key":"12_CR21","doi-asserted-by":"crossref","unstructured":"Heiser, G., Leslie, B.: The okl4 microvisor: convergence point of microkernels and hypervisors. In: Proceedings of the First ACM Asia-Pacific Workshop on Systems, New York, NY, USA (2010)","DOI":"10.1145\/1851276.1851282"},{"key":"12_CR22","doi-asserted-by":"crossref","unstructured":"Herder, J.N., Bos, H., Gras, B., Homburg, P., Tanenbaum, A.S.: Construction of a highly dependable operating system. In: Proceedings of the Sixth European Dependable Computing Conference, Washington, DC, USA (2006a)","DOI":"10.1109\/EDCC.2006.7"},{"key":"12_CR23","doi-asserted-by":"crossref","unstructured":"Herder, J.N., Bos, H., Gras, B., Homburg, P., Tanenbaum, A.S.: Minix 3: a highly reliable, self-repairing operating system. SIGOPS Oper. Syst. Rev.\u00a040(3) (2006b)","DOI":"10.1145\/1151374.1151391"},{"key":"12_CR24","doi-asserted-by":"crossref","unstructured":"Herder, J.N., Bos, H., Gras, B., Homburg, P., Tanenbaum, A.S.: Countering ipc threats in multiserver operating systems (a fundamental requirement for dependability). In: Proceedings of the 2008 14th IEEE Pacific Rim International Symposium on Dependable Computing, Washington, DC, USA (2008)","DOI":"10.1109\/PRDC.2008.25"},{"key":"12_CR25","doi-asserted-by":"crossref","unstructured":"Hofmeyr, S.A., Forrest, S., Somayaji, A.: Intrusion detection using sequences of system calls. J. Comput. Secur. 6(3) (1998)","DOI":"10.3233\/JCS-980109"},{"key":"12_CR26","doi-asserted-by":"crossref","unstructured":"Hohmuth, M., Peter, M., H\u00e4rtig, H., Shapiro, J.S.: Reducing tcb size by using untrusted components: small kernels versus virtual-machine monitors. In: Proceedings of the 11th Workshop on ACM SIGOPS European Workshop, New York, NY, USA (2004)","DOI":"10.1145\/1133572.1133615"},{"key":"12_CR27","doi-asserted-by":"crossref","unstructured":"Jaeger, T., Edwards, A., Zhang, X.: Consistency analysis of authorization hook placement in the linux security modules framework. ACM Trans. Inf. Syst. Secur.\u00a07(2) (2004)","DOI":"10.1145\/996943.996944"},{"key":"12_CR28","unstructured":"Kemerlis, V.P., Portokalidis, G., Keromytis, A.D.: kguard: lightweight kernel protection against return-to-user attacks. In: Proceedings of the 21st USENIX Conference on Security Symposium, Berkeley, CA, USA (2012)"},{"key":"12_CR29","unstructured":"Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: sel4: formal verification of an os kernel. In: [40]"},{"key":"12_CR30","unstructured":"Kruegel, C., Kirda, E., Mutz, D., Robertson, W., Vigna, G.: Automating mimicry attacks using static binary analysis. In: Proceedings of the 14th Conference on USENIX Security Symposium, Berkeley, CA, USA, vol.\u00a014 (2005)"},{"key":"12_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1007\/978-3-540-39650-5_19","volume-title":"Computer Security \u2013 ESORICS 2003","author":"C. Kruegel","year":"2003","unstructured":"Kruegel, C., Mutz, D., Valeur, F., Vigna, G.: On the detection of anomalous system call arguments. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol.\u00a02808, pp. 326\u2013343. Springer, Heidelberg (2003)"},{"key":"12_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"471","DOI":"10.1007\/978-3-642-25821-3_24","volume-title":"Middleware 2011","author":"A. Kurmus","year":"2011","unstructured":"Kurmus, A., Gupta, M., Pletka, R., Cachin, C., Haas, R.: A comparison of secure multi-tenancy architectures for filesystem storage clouds. In: Kon, F., Kermarrec, A.-M. (eds.) Middleware 2011. LNCS, vol.\u00a07049, pp. 471\u2013490. Springer, Heidelberg (2011)"},{"key":"12_CR33","doi-asserted-by":"crossref","unstructured":"Kurmus, A., Sorniotti, A., Kapitza, R.: Attack Surface Reduction For Commodity OS Kernels. In: Proceedings of the Fourth European Workshop on System Security (2011b)","DOI":"10.1145\/1972551.1972557"},{"key":"12_CR34","unstructured":"Kurmus, A., Tartler, R., Dorneanu, D., Heinloth, B., Rothberg, V., Ruprecht, A., Schr\u00f6der-Preikschat, W., Lohmann, D., Kapitza, R.: Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring. In: Proceedings of the 20th Network and Distributed System Security Symposium (2013)"},{"key":"12_CR35","doi-asserted-by":"crossref","unstructured":"Lee, C., Lin, J., Hong, Z., Lee, W.: An application-oriented linux kernel customization for embedded systems. Journal of information science and engineering\u00a020(6) (2004)","DOI":"10.1145\/1119772.1119926"},{"key":"12_CR36","doi-asserted-by":"crossref","unstructured":"Lenharth, A., Adve, V.S., King, S.T.: Recovery domains: an organizing principle for recoverable operating systems. In: Proceedings of the 14th International Conference on Architectural Support for Programming Languages and Operating Systems, New York, NY, USA (2009)","DOI":"10.1145\/1508244.1508251"},{"key":"12_CR37","doi-asserted-by":"crossref","unstructured":"Liedtke, J.: On \u03bc-kernel construction. In: Proceedings of the 15th ACM Symposium on Operating Systems Principles, SOSP 1995 (1995)","DOI":"10.1145\/224056.224075"},{"key":"12_CR38","doi-asserted-by":"crossref","unstructured":"Ma, W., Duan, P., Liu, S., Gu, G., Liu, J.C.: Shadow attacks: automatically evading system-call-behavior based malware detection. J. Comput. Virol.\u00a08(1-2) (2012)","DOI":"10.1007\/s11416-011-0157-5"},{"key":"12_CR39","doi-asserted-by":"crossref","unstructured":"Mao, Y., Chen, H., Zhou, D., Wang, X., Zeldovich, N., Kaashoek, M.F.: Software fault isolation with api integrity and multi-principal modules. In: Proceedings of the 23rd ACM Symposium on Operating Systems Principles (SOSP 2011), New York, NY, USA (2011)","DOI":"10.1145\/2043556.2043568"},{"key":"12_CR40","unstructured":"Matthews, J.N., Anderson, T.E. (eds.): Proceedings of the 22nd ACM Symposium on Operating Systems Principles (SOSP 2009), New York, NY, USA (2009)"},{"key":"12_CR41","doi-asserted-by":"crossref","unstructured":"McCabe, T.: A complexity measure. IEEE Transactions on Software Engineering\u00a0SE-2(4) (1976)","DOI":"10.1109\/TSE.1976.233837"},{"key":"12_CR42","unstructured":"McCanne, S., Jacobson, V.: The bsd packet filter: a new architecture for user-level packet capture. In: Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings, Berkeley, CA, USA (1993)"},{"key":"12_CR43","doi-asserted-by":"crossref","unstructured":"McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: an execution infrastructure for tcb minimization. SIGOPS Oper. Syst. Rev.\u00a042(4) (2008)","DOI":"10.1145\/1357010.1352625"},{"key":"12_CR44","doi-asserted-by":"crossref","unstructured":"Murray, D.G., Milos, G., Hand, S.: Improving xen security through disaggregation. In: Proceedings of the Fourth ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments, New York, NY, USA (2008)","DOI":"10.1145\/1346256.1346278"},{"key":"12_CR45","doi-asserted-by":"crossref","unstructured":"Mutz, D., Valeur, F., Vigna, G., Kruegel, C.: Anomalous system call detection. ACM Trans. Inf. Syst. Secur.\u00a09(1) (2006)","DOI":"10.1145\/1127345.1127348"},{"key":"12_CR46","unstructured":"Provos, N.: Improving host security with system call policies. In: Proceedings of the 12th Conference on USENIX Security Symposium, vol.\u00a012 (2003)"},{"key":"12_CR47","doi-asserted-by":"crossref","unstructured":"Sculley, D.: Web-scale k-means clustering. In: Proceedings of the 19th International Conference on World Wide Web, New York, NY, USA (2010)","DOI":"10.1145\/1772690.1772862"},{"key":"12_CR48","doi-asserted-by":"crossref","unstructured":"Seshadri, A., Luk, M., Qu, N., Perrig, A.: Secvisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity oses. In: Proceedings of Twenty-First ACM SIGOPS Symposium on Operating Systems Principles, New York, NY, USA (2007)","DOI":"10.1145\/1294261.1294294"},{"key":"12_CR49","doi-asserted-by":"crossref","unstructured":"Shin, Y., Williams, L.: Is complexity really the enemy of software security? In: Proceedings of the 4th ACM Workshop on Quality of Protection, New York, NY, USA (2008)","DOI":"10.1145\/1456362.1456372"},{"key":"12_CR50","unstructured":"Smalley, S., Vance, C., Salamon, W.: Implementing SELinux as a Linux security module. Tech. rep., NAI Labs Report (2001)"},{"key":"12_CR51","unstructured":"Spengler, B.: PaX team: grsecurity kernel patches (2003), http:\/\/www.grsecurity.net"},{"key":"12_CR52","doi-asserted-by":"crossref","unstructured":"Swift, M.M., Martin, S., Levy, H.M., Eggers, S.J.: Nooks: an architecture for reliable device drivers. In: Proceedings of the 9th ACM SIGOPS European Workshop \u201cBeyond the PC: New Challenges for the Operating System\u201d, New York, NY, USA (2002)","DOI":"10.1145\/1133373.1133393"},{"key":"12_CR53","doi-asserted-by":"crossref","unstructured":"Tan, K.M.C., McHugh, J., Killourhy, K.S.: Hiding intrusions: From the abnormal to the normal and beyond. In: Revised Papers from the 5th International Workshop on Information Hiding, London, UK, UK (2003)","DOI":"10.1007\/3-540-36415-3_1"},{"key":"12_CR54","unstructured":"Wagner, D., Dean, D.: Intrusion detection via static analysis. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, Washington, DC, USA (2001)"},{"key":"12_CR55","doi-asserted-by":"crossref","unstructured":"Wagner, D., Soto, P.: Mimicry attacks on host-based intrusion detection systems. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, New York, NY, USA (2002)","DOI":"10.1145\/586110.586145"},{"key":"12_CR56","unstructured":"Watson, R.N.M.: Exploiting concurrency vulnerabilities in system call wrappers. In: Proceedings of the First USENIX Workshop on Offensive Technologies, Berkeley, CA, USA (2007)"},{"key":"12_CR57","doi-asserted-by":"crossref","unstructured":"Watson, R.N.M.: A decade of os access-control extensibility. Commun. ACM\u00a056(2) (2013)","DOI":"10.1145\/2408776.2408792"},{"key":"12_CR58","unstructured":"Wright, C., Cowan, C., Morris, J., Smalley, S., Kroah-Hartman, G.: Linux security module framework. In: Ottawa Linux Symposium, vol.\u00a08032 (2002)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-08509-8_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,8]],"date-time":"2022-04-08T00:50:15Z","timestamp":1649379015000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-08509-8_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319085081","9783319085098"],"references-count":58,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-08509-8_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2014]]}}}