A4 Refereed article in a conference publication

Preventing malicious attacks by diversifying Linux shell commands




AuthorsJoni Uitto, Sampsa Rauti, Samuel Laurén, Ville Leppänen

Conference nameSymposium on Programming Languages and Software Tools

Publication year2015

JournalCEUR Workshop Proceedings

Series titleCEUR Workshop Proceedings

Volume1525

First page 206

Last page220

Number of pages15

ISSN1613-0073

Web address http://ceur-ws.org/Vol-1525/paper-15.pdf


Abstract

In instruction set diversifi cation, a "language" used in a system is uniquely diversi fied in order to protect software against malicious attacks. In this paper, we apply diversi fication to Linux shell commands in order to prevent malware from taking advantage of the functionality they provide. When the Linux shell commands are diversi fied, malware no longer knows the correct commands and cannot use the shell to achieve its goals. We demonstrate this by using Shellshock as an example. This paper presents a scheme that diversifi es the commands of Bash, the most widely used Linux shell and all the scripts in the system. The feasibility of our scheme is tested with a proof-of-concept implementation. We also present a study on the extent of changes required to make all the trusted scripts and applications in the system use the new diversi fied shell commands.




Last updated on 2024-26-11 at 21:04