Understanding security vulnerabilities in file systems

Miao Cai; Hao Huang; Jian Huang

doi:10.1145/3343737.3343753

Understanding security vulnerabilities in file systems

Miao Cai, Hao Huang, Jian Huang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

File systems have been developed for decades with the securitycritical foundation provided by operating systems. However, they are still vulnerable to malware attacks and software defects. In this paper, we undertake the first attempt to systematically understand the security vulnerabilities in various file systems. We conduct an empirical study of 157 real cases reported in Common Vulnerabilities and Exposures (CVE). We characterize the file system vulnerabilities in different dimensions that include the common vulnerabilities leveraged by adversaries to initiate their attacks, their exploitation procedures, root causes, consequences, and mitigation approaches. We believe the insights derived from this study have broad implications related to the further enhancement of the security aspect of file systems, and the associated vulnerability detection tools.

Original language	English (US)
Title of host publication	Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019
Publisher	Association for Computing Machinery
Pages	8-15
Number of pages	8
ISBN (Electronic)	9781450368933
DOIs	https://doi.org/10.1145/3343737.3343753
State	Published - Aug 19 2019
Event	10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019 - Hangzhou, China Duration: Aug 19 2019 → Aug 20 2019

Publication series

Name	Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019

Conference

Conference	10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019
Country/Territory	China
City	Hangzhou
Period	8/19/19 → 8/20/19

ASJC Scopus subject areas

Computer Networks and Communications
Hardware and Architecture

Online availability

10.1145/3343737.3343753

Library availability

Discover UIUC Full Text

Cite this

Understanding security vulnerabilities in file systems. / Cai, Miao; Huang, Hao; Huang, Jian.
Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019. Association for Computing Machinery, 2019. p. 8-15 (Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Cai, M, Huang, H & Huang, J 2019, Understanding security vulnerabilities in file systems. in Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019. Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019, Association for Computing Machinery, pp. 8-15, 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019, Hangzhou, China, 8/19/19. https://doi.org/10.1145/3343737.3343753

@inproceedings{1703ca5bf2fa4d799ddafb3646413d9f,

title = "Understanding security vulnerabilities in file systems",

abstract = "File systems have been developed for decades with the securitycritical foundation provided by operating systems. However, they are still vulnerable to malware attacks and software defects. In this paper, we undertake the first attempt to systematically understand the security vulnerabilities in various file systems. We conduct an empirical study of 157 real cases reported in Common Vulnerabilities and Exposures (CVE). We characterize the file system vulnerabilities in different dimensions that include the common vulnerabilities leveraged by adversaries to initiate their attacks, their exploitation procedures, root causes, consequences, and mitigation approaches. We believe the insights derived from this study have broad implications related to the further enhancement of the security aspect of file systems, and the associated vulnerability detection tools.",

author = "Miao Cai and Hao Huang and Jian Huang",

note = "Publisher Copyright: {\textcopyright} 2019 Copyright held by the owner/author(s). Publication rights licensedto ACM.; 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019 ; Conference date: 19-08-2019 Through 20-08-2019",

year = "2019",

month = aug,

day = "19",

doi = "10.1145/3343737.3343753",

language = "English (US)",

series = "Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019",

publisher = "Association for Computing Machinery",

pages = "8--15",

booktitle = "Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019",

address = "United States",

}

TY - GEN

T1 - Understanding security vulnerabilities in file systems

AU - Cai, Miao

AU - Huang, Hao

AU - Huang, Jian

PY - 2019/8/19

Y1 - 2019/8/19

N2 - File systems have been developed for decades with the securitycritical foundation provided by operating systems. However, they are still vulnerable to malware attacks and software defects. In this paper, we undertake the first attempt to systematically understand the security vulnerabilities in various file systems. We conduct an empirical study of 157 real cases reported in Common Vulnerabilities and Exposures (CVE). We characterize the file system vulnerabilities in different dimensions that include the common vulnerabilities leveraged by adversaries to initiate their attacks, their exploitation procedures, root causes, consequences, and mitigation approaches. We believe the insights derived from this study have broad implications related to the further enhancement of the security aspect of file systems, and the associated vulnerability detection tools.

AB - File systems have been developed for decades with the securitycritical foundation provided by operating systems. However, they are still vulnerable to malware attacks and software defects. In this paper, we undertake the first attempt to systematically understand the security vulnerabilities in various file systems. We conduct an empirical study of 157 real cases reported in Common Vulnerabilities and Exposures (CVE). We characterize the file system vulnerabilities in different dimensions that include the common vulnerabilities leveraged by adversaries to initiate their attacks, their exploitation procedures, root causes, consequences, and mitigation approaches. We believe the insights derived from this study have broad implications related to the further enhancement of the security aspect of file systems, and the associated vulnerability detection tools.

UR - http://www.scopus.com/inward/record.url?scp=85076464139&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85076464139&partnerID=8YFLogxK

U2 - 10.1145/3343737.3343753

DO - 10.1145/3343737.3343753

M3 - Conference contribution

AN - SCOPUS:85076464139

T3 - Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019

SP - 8

EP - 15

BT - Proceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019

PB - Association for Computing Machinery

T2 - 10th ACM SIGOPS Asia-Pacific Workshop on Systems, APSys 2019

Y2 - 19 August 2019 through 20 August 2019

ER -

Understanding security vulnerabilities in file systems

Abstract

Publication series

Conference

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this