Publication Details

Hijacking the Linux Kernel

PROCHÁZKA Boris, VOJNAR Tomáš and DRAHANSKÝ Martin. Hijacking the Linux Kernel. In: Sixth Doctoral Workshop on Mathematical and Engineering Methods in Computer Science (MEMICS'10) -- Selected Papers. OASIcs proceedengs from MEMICS'10 papers, vol. 16. Dagstuhl: Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik, 2011, pp. 85-92. ISBN 978-3-939897-22-4. ISSN 2190-6807.
Czech title
Únos z obsluhy linuxového jádra
Type
conference paper
Language
english
Authors
URL
Keywords

computer security, operating system, Linux, rootkit, system call, IA-32

Abstract

In this paper, a new method of hijacking the Linux kernel is
presented. It is based on analysing the Linux system call handler, where a proper set of instructions is subsequently replaced by a jump to a di erent function. The ability to change the execution
flow in the middle of an existing function represents a unique approach in Linux kernel hacking. The attack is applicable to all kernels from the 2.6 series on the Intel architecture. Due to this, rootkits based on this kind of technique represent a high risk for Linux administrators.

Published
2011
Pages
85-92
Journal
OpenAccess Series in Informatics (OASIcs), vol. 16, no. 2, ISSN 2190-6807
Proceedings
Sixth Doctoral Workshop on Mathematical and Engineering Methods in Computer Science (MEMICS'10) -- Selected Papers
Series
OASIcs proceedengs from MEMICS'10 papers
Conference
MEMICS'10 -- 6th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science, Mikulov, CZ
ISBN
978-3-939897-22-4
Publisher
Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik
Place
Dagstuhl, DE
BibTeX
@INPROCEEDINGS{FITPUB9980,
   author = "Boris Proch\'{a}zka and Tom\'{a}\v{s} Vojnar and Martin Drahansk\'{y}",
   title = "Hijacking the Linux Kernel",
   pages = "85--92",
   booktitle = "Sixth Doctoral Workshop on Mathematical and Engineering Methods in Computer Science (MEMICS'10) -- Selected Papers",
   series = "OASIcs proceedengs from MEMICS'10 papers",
   journal = "OpenAccess Series in Informatics (OASIcs)",
   volume = 16,
   number = 2,
   year = 2011,
   location = "Dagstuhl, DE",
   publisher = "Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik",
   ISBN = "978-3-939897-22-4",
   ISSN = "2190-6807",
   language = "english",
   url = "https://www.fit.vut.cz/research/publication/9980"
}
Back to top