15th USENIX Security Symposium Abstract
Pp. 121–136 of the Proceedings
Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a
Wide Range of Attacks
Wei Xu, Sandeep Bhatkar, and R. Sekar, Stony Brook University
Policy-based confinement, employed in SELinux and
specification-based intrusion detection systems, is a popular
approach for defending against exploitation of vulnerabilities
in benign software. Conventional access control
policies employed in these approaches are effective
in detecting privilege escalation attacks. However, they
are unable to detect attacks that "hijack" legitimate access
privileges granted to a program, e.g., an attack that
subverts an FTP server to download the password file.
(Note that an FTP server would normally need to access
the password file for performing user authentication.)
Some of the common attack types reported today,
such as SQL injection and cross-site scripting, involve
such subversion of legitimate access privileges. In this
paper, we present a new approach to strengthen policy
enforcement by augmenting security policies with information
about the trustworthiness of data used in security-sensitive
operations. We evaluated this technique using
9 available exploits involving several popular software
packages containing the above types of vulnerabilities.
Our technique successfully defeated these exploits.
The Proceedings are published as a collective work, © 2006 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.