DOI: 10.1145/1066677.1066758
Article

Preventing race condition attacks on file-systems

Published: 13 March 2005

Abstract

Race condition attacks occur when a process performs a sequence of operations on a file under the assumption that the operations are executed "atomically". A malicious process can exploit this by changing the characteristics of that file between two successive operations on it by a victim process, thus inducing the victim process to operate on a modified or different file. In this paper we present a practical approach to detect and prevent such race condition attacks. We monitor file operations and enforce policies which prevent the exploitation of the temporal window between any consecutive file operations by a process. Our approach does not rely on knowledge of previously known attacks. In addition, our experiments on Linux demonstrated that attacks can be detected with false alarms of less than 3% and performance overheads of less than 8% of the processes' execution time.
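The check-then-use window the abstract describes, shown as an added C example (not code from the paper; `open_checked`, `replace_file`, `demo` and the temp-file path are hypothetical or constructed). It is a per-program mitigation rather than the paper's monitoring approach: the descriptor is accepted only if it refers to the same device and inode that passed the check.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: check `path`, open it, and keep the descriptor only if
 * fstat() shows it is the object that was checked. `between` stands in for
 * other processes acting inside the window.
 * Returns fd, -1 (check failed) or -2 (file changed between check and use). */
int open_checked(const char *path, void (*between)(const char *)) {
    struct stat before, after;
    if (lstat(path, &before) != 0 || !S_ISREG(before.st_mode))
        return -1;                                  /* check */
    if (between) between(path);                     /* temporal window */
    int fd = open(path, O_RDONLY | O_NOFOLLOW);     /* final component only */
    if (fd < 0) return -2;
    if (fstat(fd, &after) != 0 || after.st_dev != before.st_dev ||
        after.st_ino != before.st_ino) {
        close(fd);
        return -2;
    }
    return fd;
}

/* Constructed stand-in for a concurrent change: rename another file over path. */
static void replace_file(const char *path) {
    char tmp[64];
    snprintf(tmp, sizeof tmp, "%s.new", path);
    int fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0) close(fd);
    if (rename(tmp, path) != 0) unlink(tmp);
}

/* One check/use sequence on a fresh temp file: 0 = accepted, -2 = rejected. */
int demo(int with_change) {
    char path[] = "/tmp/toctou_demo_XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0) return -99;
    close(fd);
    int r = open_checked(path, with_change ? replace_file : NULL);
    if (r >= 0) close(r);
    unlink(path);
    return r >= 0 ? 0 : r;
}

int main(void) {
    printf("unchanged: %d, replaced: %d\n", demo(0), demo(1));
    return 0;
}
```

The replacement file is created before the rename so that both inodes exist at once; deleting and recreating the file could reuse the inode number and hide the change from this comparison.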

Published In

SAC '05: Proceedings of the 2005 ACM symposium on Applied computing
March 2005
1814 pages
ISBN:1581139640
DOI:10.1145/1066677

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. race conditions
  2. security
  3. system calls

Qualifiers

  • Article

Conference

SAC05: The 2005 ACM Symposium on Applied Computing
March 13 - 17, 2005
New Mexico, Santa Fe

Acceptance Rates

Overall Acceptance Rate 1,650 of 6,669 submissions, 25%

Cited By

  • (2023) Unsafe at any copy. Proceedings of the 21st USENIX Conference on File and Storage Technologies, pp. 183-197. DOI: 10.5555/3585938.3585950. Online publication date: 21-Feb-2023
  • (2023) TLS Guard for TLS 1.3 zero round-trip time (0-RTT) in a distributed environment. Journal of King Saud University - Computer and Information Sciences 35:10 (101797). DOI: 10.1016/j.jksuci.2023.101797. Online publication date: Dec-2023
  • (2022) Defense and Attack Techniques Against File-Based TOCTOU Vulnerabilities: A Systematic Review. IEEE Access 10, pp. 21742-21758. DOI: 10.1109/ACCESS.2022.3153064. Online publication date: 2022
  • (2021) Joint security and performance improvement in multilevel shared caches. IET Information Security 15:4, pp. 297-308. DOI: 10.1049/ise2.12023. Online publication date: 14-Apr-2021
  • (2018) Automated Detection, Exploitation, and Elimination of Double-Fetch Bugs using Modern CPU Features. Proceedings of the 2018 on Asia Conference on Computer and Communications Security, pp. 587-600. DOI: 10.1145/3196494.3196508. Online publication date: 29-May-2018
  • (2017) Comparative modelling and verification of Pthreads and Dthreads. Journal of Software: Evolution and Process 30:3. DOI: 10.1002/smr.1919. Online publication date: 17-Nov-2017
  • (2015) Fixing Races For Good. Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, pp. 357-368. DOI: 10.1145/2714576.2714581. Online publication date: 14-Apr-2015
  • (2015) Enhancing Performance And Reliability of Rule Management Platforms. Proceedings of the 6th ACM/SPEC International Conference on Performance Engineering, pp. 187-198. DOI: 10.1145/2668930.2688035. Online publication date: 28-Jan-2015
  • (2014) JIGSAW. Proceedings of the 23rd USENIX conference on Security Symposium, pp. 973-988. DOI: 10.5555/2671225.2671287. Online publication date: 20-Aug-2014
  • (2014) Policy models to protect resource retrieval. Proceedings of the 19th ACM symposium on Access control models and technologies, pp. 211-222. DOI: 10.1145/2613087.2613111. Online publication date: 25-Jun-2014
