Catalogue Search | MBRL
Are you sure you want to remove the book from the shelf?
{{itemTitle}}
113,823
result(s) for
"Linux."
Sort by:
Software Analysis Through Binary Function Identification
Executable binaries are made up of functional components interacting with each other and the operating system they run on. When high-level source code is compiled into executable binaries, information on the name, size, location, and type of these functional components is included in the executable through the use of symbols. Most software distributed today that is compiled into machine code is released without this symbol information i.e., they are stripped. This makes understanding and analysing binary software very difficult due to the lack of recognisable information in a structured and ordered manner. In this thesis, we propose new techniques used to recover the names of functions in stripped binaries. We explore problems inherent in recovering textual information in the large label space associated with naming functions and develop deep-learning embeddings for both binary functions and their names. Furthermore, we demonstrate how symbol name information can be used to aid the exposure of previously undiscovered software bugs by injecting faults in the high-level logic of client USB kernel drivers. We design a scalable approach for symbol recovery that uses static and symbolic program analysis to extract high-level features from machine code. These features are then used to learn the structure of how binary code and data interact with each other to infer name information from functions in executables. We build a toolkit, DESYL (DEbug Symbol Learning), that is able to modify stripped executable binaries and add symbol information using machine learning models learnt over a very large dataset. Finally, we develop USBDT (USB Driver Testing), our tool for hooking known kernel functions and using selective symbolic execution to analyse Linux USB kernel drivers. Our work extends QEMU to build a software defined virtual USB device used to analyse the Linux USB stack and helped develop two previously unreported mainline Linux kernel zero-day exploits.
Dissertation
Mastering Linux security and hardening : secure your Linux server and protect it from intruders, malware attacks, and other external threats
For the past couple of decades, Linux has been extremely popular with systems administrators, for everything from creating networks and servers to automating their entire working environment. However, security has always been the major concern. With not many resources available in the Linux security domain, this book will be an invaluable ...
Book
Upstream bug management in Linux distributions
A Linux distribution consists of thousands of packages that are either developed by in-house developers (in-house packages) or by external projects (upstream packages). Leveraging upstream packages speeds up development and improves productivity, yet bugs might slip through into the packaged code and end up propagating into downstream Linux distributions. Maintainers, who integrate upstream projects into their distribution, typically lack the expertise of the upstream projects. Hence, they could try either to propagate the bug report upstream and wait for a fix, or fix the bug locally and maintain the fix until it is incorporated upstream. Both of these outcomes come at a cost, yet, to the best of our knowledge, no prior work has conducted an in-depth analysis of upstream bug management in the Linux ecosystem. Hence, this paper empirically studies how high-severity bugs are fixed in upstream packages for two Linux distributions, i.e., Debian and Fedora. Our results show that 13.9% of the upstream package bugs are explicitly reported being fixed by upstream, and 13.3% being fixed by the distribution, while the vast majority of bugs do not have explicit information about this in Debian. When focusing on the 27.2% with explicit information, our results also indicate that upstream fixed bugs make users wait for a longer time to get fixes and require more additional information compared to fixing upstream bugs locally by the distribution. Finally, we observe that the number of bug comment links to reference information (e.g., design docs, bug reports) of the distribution itself and the similarity score between upstream and distribution bug reports are important factors for the likelihood of a bug being fixed upstream. Our findings strengthen the need for traceability tools on bug fixes of upstream packages between upstream and distributions in order to find upstream fixes easier and lower the cost of upstream bug management locally.
Journal Article
