A fine-grained classification and security analysis of web-based virtual machine vulnerabilities

Web-based virtual machines are one of the primary targets of attackers due to number of design flaws they contain and the connectivity provided by the Web. The design and implementation of Inscription, the first fully automated Adobe Flash binary code transformation system that can guard major Flash...

Full description

Saved in:
Bibliographic Details
Published in:Computers & security Vol. 105; p. 102246
Main Authors: Yilmaz, Fadi, Sridhar, Meera, Mohanty, Abhinav, Tendulkar, Vasant, Hamlen, Kevin W.
Format: Journal Article
Language:English
Published: Amsterdam Elsevier Ltd 01.06.2021
Elsevier Sequoia S.A
Subjects:
Binary codes
Classification
Corruption
Cybersecurity
Enforcement
In-lined reference monitoring
Inscriptions
Machinery
Medical diagnosis
Memory
Memory corruption vulnerabilities
Mitigation
Multimedia
Overflow
Security
Transformation
Virtual environments
Vulnerability
Vulnerability classification
Vulnerability databases
Web security
Web-based virtual machines
Memory corruption vulnerabilities
In-lined reference monitoring
Web security
Web-based virtual machines
Vulnerability databases
Vulnerability classification
ISSN:0167-4048, 1872-6208
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Web-based virtual machines are one of the primary targets of attackers due to number of design flaws they contain and the connectivity provided by the Web. The design and implementation of Inscription, the first fully automated Adobe Flash binary code transformation system that can guard major Flash vulnerability categories without modifying vulnerable Flash VMs, is presented and evaluated. Inscription affords a means of mitigating the significant class of web attacks that target unpatched, legacy Flash VMs and their apps. This new enforcement capability is most effective when supplied with security policies that accurately characterize VM security vulnerabilities and their mitigations. Researchers and security engineers commonly depend on well-known, public vulnerability databases that document such vulnerabilities and provide details about each; but vulnerability information that is inconsistent, inaccurate, or vague hinders diagnosis of vulnerabilities residing in the implementations of web-based VMs, which is one of the crucial prerequisites of building generic, comprehensive security solutions for mitigating them. For example, a large percentage of disclosed vulnerabilities of the ActionScript VM (AVM), which executes Flash binaries, are vaguely classified as “Memory Corruption” or “Unspecified”. Deeper analysis of these vulnerabilities reveals that most can be more precisely classified as (1) use-after-free, (2) double-free, (3) integer overflow, (4) buffer overflow, or (5) heap overflow vulnerability sub-classes. To improve web vulnerability analysis and mitigation, a more thorough, comprehensive and accurate reclassification of web-based vulnerabilities is presented, in which “Memory Corruption” and “Unspecified” vulnerabilities are reclassified into one of these fine-grained vulnerability sub-classes.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0167-4048
1872-6208
DOI:10.1016/j.cose.2021.102246