TY - JOUR
T1 - The Security War in File Systems
T2 - An Empirical Study from A Vulnerability-centric Perspective
AU - Sun, Jinghan
AU - Li, Shaobo
AU - Xu, Jun
AU - Huang, Jian
N1 - Publisher Copyright:
© 2023 Copyright held by the owner/author(s). Publication rights licensed to ACM.
PY - 2023/10/3
Y1 - 2023/10/3
N2 - This article presents a systematic study on the security of modern file systems, following a vulnerability-centric perspective. Specifically, we collected 377 file system vulnerabilities committed to the CVE database in the past 20 years. We characterize them from four dimensions: why the vulnerabilities appear, how the vulnerabilities can be exploited, what consequences can arise, and how the vulnerabilities are fixed. This way, we build a deep understanding of the attack surfaces faced by file systems, the threats imposed by the attack surfaces, and the good and bad practices in mitigating the attacks in file systems. We envision that our study will bring insights towards the future development of file systems, the enhancement of file system security, and the relevant vulnerability-mitigating solutions.
AB - This article presents a systematic study on the security of modern file systems, following a vulnerability-centric perspective. Specifically, we collected 377 file system vulnerabilities committed to the CVE database in the past 20 years. We characterize them from four dimensions: why the vulnerabilities appear, how the vulnerabilities can be exploited, what consequences can arise, and how the vulnerabilities are fixed. This way, we build a deep understanding of the attack surfaces faced by file systems, the threats imposed by the attack surfaces, and the good and bad practices in mitigating the attacks in file systems. We envision that our study will bring insights towards the future development of file systems, the enhancement of file system security, and the relevant vulnerability-mitigating solutions.
KW - Storage systems
KW - file system vulnerabilities
UR - http://www.scopus.com/inward/record.url?scp=85177849790&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85177849790&partnerID=8YFLogxK
U2 - 10.1145/3606020
DO - 10.1145/3606020
M3 - Article
AN - SCOPUS:85177849790
SN - 1553-3077
VL - 19
JO - ACM Transactions on Storage
JF - ACM Transactions on Storage
IS - 4
M1 - 3606020
ER -