Got Root? A Linux Priv-Esc Benchmark

• URL: http://arxiv.org/abs/2405.02106v2
• Date: Mon, 6 May 2024 10:42:30 GMT
• Title: Got Root? A Linux Priv-Esc Benchmark
• Authors: Andreas Happe, Jürgen Cito,
• Abstract summary: Linux systems are integral to the infrastructure of modern computing environments. A benchmark set of vulnerable systems is of high importance to evaluate the effectiveness of privilege-escalation techniques.
• Score: 3.11537581064266
• License: http://creativecommons.org/licenses/by-nc-sa/4.0/
• Abstract: Linux systems are integral to the infrastructure of modern computing environments, necessitating robust security measures to prevent unauthorized access. Privilege escalation attacks represent a significant threat, typically allowing attackers to elevate their privileges from an initial low-privilege account to the all-powerful root account. A benchmark set of vulnerable systems is of high importance to evaluate the effectiveness of privilege-escalation techniques performed by both humans and automated tooling. Analyzing their behavior allows defenders to better fortify their entrusted Linux systems and thus protect their infrastructure from potentially devastating attacks. To address this gap, we developed a comprehensive benchmark for Linux privilege escalation. It provides a standardized platform to evaluate and compare the performance of human and synthetic actors, e.g., hacking scripts or automated tooling.

Related papers

• MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
  We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware. We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph. This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
  arXiv  Detail & Related papers  (2024-09-29T07:22:47Z)
• Security Testbed for Preempting Attacks against Supercomputing Infrastructure [1.9097277955963794]
  This paper describes a security testbed embedded in live traffic of a supercomputer at the National Center for Supercomputing Applications. The objective is to demonstrate attack textitpreemption, i.e., stopping system compromise and data breaches at petascale supercomputers.
  arXiv  Detail & Related papers  (2024-09-15T03:42:47Z)
• Cabin: Confining Untrusted Programs within Confidential VMs [13.022056111810599]
  Confidential computing safeguards sensitive computations from untrusted clouds. CVMs often come with large and vulnerable operating system kernels, making them susceptible to attacks exploiting kernel weaknesses. This study proposes Cabin, an isolated execution framework within guest VM utilizing the latest AMD SEV-SNP technology.
  arXiv  Detail & Related papers  (2024-07-17T06:23:28Z)
• Rethinking the Vulnerabilities of Face Recognition Systems:From a Practical Perspective [53.24281798458074]
  Face Recognition Systems (FRS) have increasingly integrated into critical applications, including surveillance and user authentication. Recent studies have revealed vulnerabilities in FRS to adversarial (e.g., adversarial patch attacks) and backdoor attacks (e.g., training data poisoning)
  arXiv  Detail & Related papers  (2024-05-21T13:34:23Z)
• LeapFrog: The Rowhammer Instruction Skip Attack [4.091772241106195]
  We present a new type of Rowhammer gadget, called a LeapFrog gadget, which allows an adversary to subvert code execution. The Leapfrog gadget manifests when the victim code stores the Program Counter (PC) value in the user or kernel stack. This research also presents a systematic process to identify Leapfrog gadgets.
  arXiv  Detail & Related papers  (2024-04-11T16:10:16Z)
• When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
  We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures. We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN. Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
  arXiv  Detail & Related papers  (2023-06-09T14:33:26Z)
• DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness [58.23214712926585]
  We develop a certified defense, DRSM (De-Randomized Smoothed MalConv), by redesigning the de-randomized smoothing technique for the domain of malware detection. Specifically, we propose a window ablation scheme to provably limit the impact of adversarial bytes while maximally preserving local structures of the executables. We are the first to offer certified robustness in the realm of static detection of malware executables.
  arXiv  Detail & Related papers  (2023-03-20T17:25:22Z)
• Attack Techniques and Threat Identification for Vulnerabilities [1.1689657956099035]
  prioritization and focus become critical, to spend their limited time on the highest risk vulnerabilities. In this work, we use machine learning and natural language processing techniques, as well as several publicly available data sets. We first map the vulnerabilities to a standard set of common weaknesses, and then common weaknesses to the attack techniques. This approach yields a Mean Reciprocal Rank (MRR) of 0.95, an accuracy comparable with those reported for state-of-the-art systems.
  arXiv  Detail & Related papers  (2022-06-22T15:27:49Z)
• Automating Privilege Escalation with Deep Reinforcement Learning [71.87228372303453]
  In this work, we exemplify the potential threat of malicious actors using deep reinforcement learning to train automated agents. We present an agent that uses a state-of-the-art reinforcement learning algorithm to perform local privilege escalation. Our agent is usable for generating realistic attack sensor data for training and evaluating intrusion detection systems.
  arXiv  Detail & Related papers  (2021-10-04T12:20:46Z)
• SHARKS: Smart Hacking Approaches for RisK Scanning in Internet-of-Things and Cyber-Physical Systems based on Machine Learning [5.265938973293016]
  Cyber-physical systems (CPS) and Internet-of-Things (IoT) devices are increasingly being deployed across multiple functionalities. These devices are inherently not secure across their comprehensive software, hardware, and network stacks. We present an innovative technique for detecting unknown system vulnerabilities, managing these vulnerabilities, and improving incident response.
  arXiv  Detail & Related papers  (2021-01-07T22:01:30Z)
• Adversarial EXEmples: A Survey and Experimental Evaluation of Practical Attacks on Machine Learning for Windows Malware Detection [67.53296659361598]
  adversarial EXEmples can bypass machine learning-based detection by perturbing relatively few input bytes. We develop a unifying framework that does not only encompass and generalize previous attacks against machine-learning models, but also includes three novel attacks. These attacks, named Full DOS, Extend and Shift, inject the adversarial payload by respectively manipulating the DOS header, extending it, and shifting the content of the first section.
  arXiv  Detail & Related papers  (2020-08-17T07:16:57Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.