Investigating Exploitable Design Patterns for More Advanced Protection Design
Open Access
- Author:
- Chen, Yueqi
- Graduate Program:
- Information Sciences and Technology
- Degree:
- Doctor of Philosophy
- Document Type:
- Dissertation
- Date of Defense:
- June 07, 2022
- Committee Members:
- Trent Jaeger, Outside Unit & Field Member
- Peng Liu, Major Field Member
- Xinyu Xing, Chair & Dissertation Advisor
- Vasileios P. Kemerlis, Special Member
- Dinghao Wu, Major Field Member
- Mary Beth Rosson, Program Head/Chair
- Keywords:
- System Security
- Software Security
- Operating System
- Exploitability
- Abstract:
- For a long time, due to the lack of systematic research on exploitable design patterns, software systems have not been as secure as expected. With the discovery of massive numbers of vulnerabilities and a shortage of workforce, developers prioritize vulnerability remediation based on hype and media attention. They are unable to assess the severity of vulnerabilities because they are unaware of the exploitable design patterns those vulnerabilities imply. As a result, broadly adopted software inevitably contains exploitable but unpatched vulnerabilities. To prevent unpatched vulnerabilities from causing foreseeable damage, the industry scrambles to design and deploy various defense schemes. However, because there is a shortage of scientific methods for quantifying how well these defenses mitigate exploitable design patterns, the adoption of defense mechanisms relies heavily on analysts' subjective judgment. A defense method with relatively high overhead might be abandoned outright, despite providing substantial protection for software systems. To make meaningful progress, I propose to shift our research toward studying exploitable design patterns in a systematic approach. This approach provides security analysts with the ability to quantify the impact of an exploitable design pattern and thus facilitates the development and assessment of corresponding defense solutions. In this dissertation, I focus on investigating exploitable design patterns and designing advanced protection mechanisms in operating system kernels. More specifically, I start by developing techniques to explore the corruption capability of kernel vulnerabilities. Then, I leverage static and dynamic analysis techniques to identify design patterns that are commonly adopted in various OS kernels. Using the explored corruption capability, I evaluate the exploitability of each design pattern. Following this, I support the evaluation by manipulating slab layout to obtain exploitable primitives.
These primitives are further examined against existing defenses to demonstrate their limitations. This investigation procedure motivates the design of a new protection mechanism that can harden the OS kernel on demand and on the fly with negligible overhead. In the future, I plan to further advance the exploitable design pattern investigation approach to make it a fundamental part of the entire software development lifecycle (SDLC). In pursuit of this goal, I will enrich the techniques to deal with more attack forms under new contexts. Following this, I intend to optimize and reconstruct existing defenses, extending them to mitigate exploitable design patterns in new contexts under the guidance of quantitative evaluation.