A Framework For Dynamic Subversion

Abstract

The subversion technique of attacking an operating system is often overlooked in information security. Operating systems are vulnerable throughout their lifecycle in that small artifices can be inserted into an operating system's code that, on command, can completely disable its security mechanisms. To illustrate that this threat is viable, it is shown that it is not difficult for an attacker to implement the framework for the 'two-card loader' type of subversion, a trap door which enables the insertion of arbitrary code into the operating system while the system is deployed and running. This framework provides several services, such as memory allocation in the attacked system and mechanisms for relocating, linking and loading the inserted attack code. Additionally, this thesis shows how Windows XP embedded designers can use Intel's x86 hardware more effectively to build a higher assurance operating system. Principles of hardware support are discussed and recommendations are presented. Subversion is overlooked because critics believe the attack is too difficult to carry out. It is illustrated in this thesis that this is simply not the case. Anyone with access to the operating system code at some point in its lifecycle can design a fairly elaborate subversion artifice with modest effort.

Document Details

Document Type: Technical Report
Publication Date: Jun 01, 2003
Accession Number: ADA417568

Entities

People

  • David T. Rogers

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force
  • Computer Network Security
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cybersecurity
  • Debugging
  • Device Drivers
  • Graphical User Interface
  • Information Security
  • Information Systems
  • Intrusion Detection
  • Network Protocols
  • Operating Systems
  • Security
  • United States Naval Academy

Fields of Study

  • Computer science

Readers

  • Computer Science
  • Cybersecurity
  • Software Engineering