A4 Article in conference proceedings
Preventing malicious attacks by diversifying Linux shell commands




List of Authors: Joni Uitto, Sampsa Rauti, Samuel Laurén, Ville Leppänen
Publication year: 2015
Journal: CEUR Workshop Proceedings
Title of series: CEUR Workshop Proceedings
Volume number: 1525
Number of pages: 15
ISSN: 1613-0073

Abstract


In instruction set diversifi cation, a "language" used in a system is uniquely diversi fied in order to protect software against malicious attacks. In this paper, we apply diversi fication to Linux shell commands in order to prevent malware from taking advantage of the functionality they provide. When the Linux shell commands are diversi fied, malware no longer knows the correct commands and cannot use the shell to achieve its goals. We demonstrate this by using Shellshock as an example. This paper presents a scheme that diversifi es the commands of Bash, the most widely used Linux shell and all the scripts in the system. The feasibility of our scheme is tested with a proof-of-concept implementation. We also present a study on the extent of changes required to make all the trusted scripts and applications in the system use the new diversi fied shell commands.



Last updated on 2019-20-07 at 04:22