Abstract |
---|
Kernel exploit attacks have recently become difficult to launch because executing either malicious scripts or instructions is prohibited by DEP/NX (Data Execution Prevention/Not Executable). As an alternative, return-oriented programming (ROP) could be another option to deal with this prevention. However, despite the high cost of building ROP gadgets, there is no guarantee that the proper gadgets can be assembled. To overcome this limitation, we introduce the Page Table Manipulation Attack (PTMA), which alters memory attributes through page table modification. This attack enables an attacker to rewrite the memory attributes of protected memory. We show how to find the page table entry of interest in the Master Kernel Page Table and modify its attributes in AArch32 and x86-64. The results show that PTMA effectively circumvents the existing kernel exploitation defenses that are based on memory permissions. |

Year | DOI | Venue |
---|---|---|
2015 | 10.1145/2810103.2810121 | ACM Conference on Computer and Communications Security |

Keywords | Field | DocType |
---|---|---|
Kernel, Kernel Exploit, Page Table, Memory Permission | Permission, Internet privacy, Computer security, Computer science, Page table, Page attribute table, Exploit, Page replacement algorithm, Page fault, Scripting language, Executable | Conference |

Citations | PageRank | References |
---|---|---|
3 | 0.36 | 1 |

Authors |
---|
4 |

Name | Order | Citations | PageRank |
---|---|---|---|
Jung-Seung Lee | 1 | 3 | 1.38 |
Hyoungmin Ham | 2 | 3 | 0.70 |
Inhwan Kim | 3 | 4 | 1.06 |
JooSeok Song | 4 | 306 | 58.82 |