A4 Refereed article in a conference publication
Preventing malicious attacks by diversifying Linux shell commands
Authors: Joni Uitto, Sampsa Rauti, Samuel Laurén, Ville Leppänen
Conference name: Symposium on Programming Languages and Software Tools
Publication year: 2015
Journal: CEUR Workshop Proceedings
Series title: CEUR Workshop Proceedings
Volume: 1525
First page : 206
Last page: 220
Number of pages: 15
ISSN: 1613-0073
Web address : http://ceur-ws.org/Vol-1525/paper-15.pdf
In instruction set diversifi cation, a "language" used in a system is uniquely diversi fied in order to protect software against malicious attacks. In this paper, we apply diversi fication to Linux shell commands in order to prevent malware from taking advantage of the functionality they provide. When the Linux shell commands are diversi fied, malware no longer knows the correct commands and cannot use the shell to achieve its goals. We demonstrate this by using Shellshock as an example. This paper presents a scheme that diversifi es the commands of Bash, the most widely used Linux shell and all the scripts in the system. The feasibility of our scheme is tested with a proof-of-concept implementation. We also present a study on the extent of changes required to make all the trusted scripts and applications in the system use the new diversi fied shell commands.