Search : [ keyword: Kernel Module ] (2)

Application Monitoring System Design and Implementation using System Call Pattern

Haegeon Jeong, Kyungtae Kang

http://doi.org/10.5626/JOK.2022.49.10.795

A user application consists of a set of functions that together do what the user needs. Applications that provide services, such as web servers, are very large and complex, which makes them a target for attackers. Attacks by malicious hackers distort application variables and program flow, leading to the hijacking of system administrator privileges or abnormal operation. In this paper, we designed and implemented a system that collects an application's system calls and detects anomalies in the application from the collected patterns. Measuring the overhead of the implemented system showed that monitoring about 1 million system calls incurred an overhead of about 0.8 seconds. This is about 1/28 of the overhead time of existing tools such as strace.

Automated Unit-test Generation for Detecting Vulnerabilities of Android Kernel Modules

Yunho Kim, Moonzoo Kim

http://doi.org/

In this study, we propose an automated unit test generation technique for detecting vulnerabilities of Android kernel modules. The technique automatically generates unit test drivers/stubs and unit test inputs for each function of Android kernel modules by utilizing dynamic symbolic execution. To reduce the false alarms that automated unit test generation produces because of function pointers and missing pre-conditions, we develop false alarm reduction techniques that match function pointers by utilizing static analysis and generate pre-conditions by utilizing def-use analysis. We showed that the proposed technique could detect all existing vulnerabilities in the three modules of Android kernel 3.4. Also, the false alarm reduction techniques removed 44.9% of false alarms on average.



Journal of KIISE

  • ISSN : 2383-630X(Print)
  • ISSN : 2383-6296(Electronic)
  • KCI Accredited Journal

Editorial Office

  • Tel. +82-2-588-9240
  • Fax. +82-2-521-1352
  • E-mail. chwoo@kiise.or.kr