A Study for Task Detection Acquiring Abnormal Permission in Linux

Won Il Kim; Sang Hyun Yoo; Ju Hyun Kwak; Chang Hoon Lee

A Study for Task Detection Acquiring Abnormal Permission in Linux

KIPS Transactions on Computer and Communication Systems, Vol. 3, No. 11, pp. 427-432, Nov. 2014

10.3745/KTCCS.2014.3.11.427, PDF Download:

Abstract

The Purpose of local system attacks is to acquire administrator``s(root) privilege shell through the execution of the malicious program orchange the flow of the program. This acquiring shell through attack is still valid approach method and it is difficult to cope withimproving each of vulnerability because the attacker can select various forms of attack. Linux allocate a set of credentials when login, inorder to manage user permissions. Credentials were issued and managed by the kernel directly, and also the kernel ensures that anychange cannot be occurred outside of kernel. But, user``s credentials that acquired root privilege through system attacks occurs aphenomenon that does not remain consistent. In this paper we propose a security module to detect a security threats that may cause tousers and tasks by analysis user task execution and inconsistency credentials.

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

W. I. Kim, S. H. Yoo, J. H. Kwak, C. H. Lee, "A Study for Task Detection Acquiring Abnormal Permission in Linux," KIPS Transactions on Computer and Communication Systems, vol. 3, no. 11, pp. 427-432, 2014. DOI: 10.3745/KTCCS.2014.3.11.427.

[ACM Style]

Won Il Kim, Sang Hyun Yoo, Ju Hyun Kwak, and Chang Hoon Lee. 2014. A Study for Task Detection Acquiring Abnormal Permission in Linux. KIPS Transactions on Computer and Communication Systems, 3, 11, (2014), 427-432. DOI: 10.3745/KTCCS.2014.3.11.427.