A4 Vertaisarvioitu artikkeli konferenssijulkaisussa
Diversification of System Calls in Linux Binaries
Tekijät: Sampsa Rauti, Samuel Laurén, Shohreh Hosseinzadeh, Jari-Matti Mäkelä, Sami Hyrynsalmi, Ville Leppänen
Toimittaja: Moti Yung, Liehuang Zhu, Yanjiang Yang
Konferenssin vakiintunut nimi: International Conference on Trusted Systems
Julkaisuvuosi: 2015
Kokoomateoksen nimi: Trusted systems. Proceedings of the 6th International Conference on Trustworthy Systems (InTrust 2014)
Sarjan nimi: Security and cryptology
Vuosikerta: 9473
Aloitussivu: 15
Lopetussivu: 35
Sivujen määrä: 21
ISBN: 978-3-319-27997-8
ISSN: 0302-9743
DOI: https://doi.org/10.1007/978-3-319-27998-5
In this paper, we analyze the presence of system calls in the ELF binaries. We study the locations of system calls in the software layers of Linux and also examine how many binaries in the whole system use system calls.
Additionally, we discuss the different ways system calls are coded in ELF binaries and the challenges this causes for the diversification process. Also, we present a diversification tool and also suggest several solutions to overcome the difficulties faced in system call diversification. The amount of problematic system calls is small, and our diversification tool manages to diversify the clear majority of system calls present in standard-like Linux configurations. For diversifying all the remaining system calls, we consider several possible approaches.
