OAMAC: Origin-Aware Mandatory Access Control for Practical Post-Compromise Attack Surface Reduction

• URL: http://arxiv.org/abs/2601.14021v1
• Date: Tue, 20 Jan 2026 14:40:26 GMT
• Title: OAMAC: Origin-Aware Mandatory Access Control for Practical Post-Compromise Attack Surface Reduction
• Authors: Omer Abdelmajeed Idris Mohammed, Ilhami M. Orak,
• Abstract summary: Execution origin is a missing abstraction in modern operating system security models.<n>We introduce origin-aware mandatory access control (OAMAC)<n> OAMAC treats execution origin as a first-class security attribute.
• Score: 0.0
• License: http://creativecommons.org/licenses/by-sa/4.0/
• Abstract: Modern operating systems provide powerful mandatory access control mechanisms, yet they largely reason about who executes code rather than how execution originates. As a result, processes launched remotely, locally, or by background services are often treated equivalently once privileges are obtained, complicating security reasoning and enabling post-compromise abuse of sensitive system interfaces. We introduce origin-aware mandatory access control (OAMAC), a kernel-level enforcement model that treats execution origin -- such as physical user presence, remote access, or service execution -- as a first-class security attribute. OAMAC mediates access to security-critical subsystems based on execution provenance rather than identity alone, enabling centralized governance over multiple attack surfaces while significantly reducing policy complexity. We present a deployable prototype implemented entirely using the Linux eBPF LSM framework, requiring no kernel modifications. OAMAC classifies execution origin using kernel-visible metadata, propagates origin across process creation, and enforces origin-aware policies on both sensitive filesystem interfaces and the kernel BPF control plane. Policies are maintained in kernel-resident eBPF maps and can be reconfigured at runtime via a minimal userspace tool. Our evaluation demonstrates that OAMAC effectively restricts common post-compromise actions available to remote attackers while preserving normal local administration and system stability. We argue that execution origin represents a missing abstraction in contemporary operating system security models, and that elevating it to a first-class concept enables practical attack surface reduction without requiring subsystem-specific expertise or heavyweight security frameworks.

Related papers

• Autonomous Action Runtime Management(AARM):A System Specification for Securing AI-Driven Actions at Runtime [0.0]
  This paper introduces Autonomous Action Management (AARM), an open specification for securing AI-driven actions at runtime.<n>AARM intercepts actions before execution, accumulates session context, evaluates against policy and intent alignment, enforces authorization decisions, and records tamper-evident receipts for forensic reconstruction.<n>AARM is model-agnostic, framework-agnostic, and vendor-neutral, treating action execution as the stable security boundary.
  arXiv  Detail & Related papers  (2026-02-10T05:57:30Z)
• Just Ask: Curious Code Agents Reveal System Prompts in Frontier LLMs [65.6660735371212]
  We present textbftextscJustAsk, a framework that autonomously discovers effective extraction strategies through interaction alone.<n>It formulates extraction as an online exploration problem, using Upper Confidence Bound--based strategy selection and a hierarchical skill space spanning atomic probes and high-level orchestration.<n>Our results expose system prompts as a critical yet largely unprotected attack surface in modern agent systems.
  arXiv  Detail & Related papers  (2026-01-29T03:53:25Z)
• Building a Robust Risk-Based Access Control System to Combat Ransomware's Capability to Encrypt: A Machine Learning Approach [0.510691253204425]
  Ransomware core capability, unauthorized encryption, demands controls that identify and block malicious cryptographic activity without disrupting legitimate use.<n>We present a probabilistic, risk-based access control architecture that couples machine learning inference with mandatory access control to regulate encryption on Linux in real time.
  arXiv  Detail & Related papers  (2026-01-23T14:48:35Z)
• CaMeLs Can Use Computers Too: System-level Security for Computer Use Agents [60.98294016925157]
  AI agents are vulnerable to prompt injection attacks, where malicious content hijacks agent behavior to steal credentials or cause financial loss.<n>We introduce Single-Shot Planning for CUAs, where a trusted planner generates a complete execution graph with conditional branches before any observation of potentially malicious content.<n>Although this architectural isolation successfully prevents instruction injections, we show that additional measures are needed to prevent Branch Steering attacks.
  arXiv  Detail & Related papers  (2026-01-14T23:06:35Z)
• A Systematization of Security Vulnerabilities in Computer Use Agents [1.3560089220432787]
  We conduct a systematic threat analysis and testing of real-world CUAs under adversarial conditions.<n>We identify seven classes of risks unique to the CUA paradigm, and analyze three concrete exploit scenarios in depth.<n>These case studies reveal deeper architectural flaws across current CUA implementations.
  arXiv  Detail & Related papers  (2025-07-07T19:50:21Z)
• DRIFT: Dynamic Rule-Based Defense with Injection Isolation for Securing LLM Agents [52.92354372596197]
  Large Language Models (LLMs) are increasingly central to agentic systems due to their strong reasoning and planning capabilities.<n>This interaction also introduces the risk of prompt injection attacks, where malicious inputs from external sources can mislead the agent's behavior.<n>We propose a Dynamic Rule-based Isolation Framework for Trustworthy agentic systems, which enforces both control and data-level constraints.
  arXiv  Detail & Related papers  (2025-06-13T05:01:09Z)
• Provable Execution in Real-Time Embedded Systems [8.816934283264633]
  We develop Provable Execution Architecture for Real-Time Systems (PEARTS)<n>PEARTS is the first PoX system that can be directly deployed alongside a commodity embedded real-time operating system (FreeRTOS)
  arXiv  Detail & Related papers  (2025-05-20T02:31:13Z)
• CANTXSec: A Deterministic Intrusion Detection and Prevention System for CAN Bus Monitoring ECU Activations [53.036288487863786]
  We propose CANTXSec, the first deterministic Intrusion Detection and Prevention system based on physical ECU activations.<n>It detects and prevents classical attacks in the CAN bus, while detecting advanced attacks that have been less investigated in the literature.<n>We prove the effectiveness of our solution on a physical testbed, where we achieve 100% detection accuracy in both classes of attacks while preventing 100% of FIAs.
  arXiv  Detail & Related papers  (2025-05-14T13:37:07Z)
• The Cost of Performance: Breaking ThreadX with Kernel Object Masquerading Attacks [16.54210795506388]
  We show that popular real-time operating systems (RTOSs) lack essential security protections.<n>We identify a performance optimization practice in ThreadX that introduces security vulnerabilities, allowing for the circumvention of parameter sanitization processes.<n>We introduce an automated approach involving under-constrained symbolic execution to identify the Kernel Object Masquerading (KOM) Attack.
  arXiv  Detail & Related papers  (2025-04-28T05:01:35Z)
• Progent: Programmable Privilege Control for LLM Agents [46.31581986508561]
  We introduce Progent, the first privilege control framework to secure Large Language Models agents.<n>Progent enforces security at the tool level by restricting agents to performing tool calls necessary for user tasks while blocking potentially malicious ones.<n>Thanks to our modular design, integrating Progent does not alter agent internals and only requires minimal changes to the existing agent implementation.
  arXiv  Detail & Related papers  (2025-04-16T01:58:40Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• Safe RAN control: A Symbolic Reinforcement Learning Approach [62.997667081978825]
  We present a Symbolic Reinforcement Learning (SRL) based architecture for safety control of Radio Access Network (RAN) applications. We provide a purely automated procedure in which a user can specify high-level logical safety specifications for a given cellular network topology. We introduce a user interface (UI) developed to help a user set intent specifications to the system, and inspect the difference in agent proposed actions.
  arXiv  Detail & Related papers  (2021-06-03T16:45:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.