TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries

Daniele Mucci; Bernhards Blumbergs

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries

Topics: Data and Software Security; Intrusion Detection and Response; Security and Privacy in Cloud and Pervasive Computing; Vulnerability Analysis and Countermeasures

In Proceedings of the 5th International Conference on Information Systems Security and Privacy ICISSP - Volume 1, 361-369, 2019 , Prague, Czech Republic

Authors: Daniele Mucci ¹ and Bernhards Blumbergs ²

Affiliations: ¹ Centre for Digital Forensics and Cyber Security, Tallinn University of Technology and Estonia ; ² Centre for Digital Forensics and Cyber Security, Tallinn University of Technology, Estonia, CERT.LV, IMCS University of Latvia and Latvia

Keyword(s): ELF Binary Analysis, GNU/Linux System Hardening, Vulnerability Assessment, Software Containers.

Related Ontology Subjects/Areas/Topics: Internet Technology ; Intrusion Detection and Response ; Web Information Systems and Technologies

Abstract: Attacks against binaries, including novel hardware based attacks (e.g., Meltdown), are still very common, with hundreds of vulnerabilities discovered every year. This paper presents TED, an auditing tool which acts from the defense perspective and verifies whether proper defenses are in place for the GNU/Linux system and for each ELF binary in it. Unlike other solutions proposed, TED aims to integrate several tools and techniques by the use of software containers; this choice created the necessity to compare and analyze the most popular container platforms to determine the most suitable for this use case. The containerization approach allows to reduce complexity, gain flexibility and extensibility at the cost of a negligible performance loss, while significantly reducing the dependencies needed. Performance and functionality tests, both in lab and real-world environments, showed the feasibility of a container-based approach and the usefulness of TED in several use cases.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.135.185.194

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Mucci, D. and Blumbergs, B. (2019). TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries. In Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP; ISBN 978-989-758-359-9; ISSN 2184-4356, SciTePress, pages 361-369. DOI: 10.5220/0007371603610369

@conference{icissp19,
author={Daniele Mucci. and Bernhards Blumbergs.},
title={TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP},
year={2019},
pages={361-369},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007371603610369},
isbn={978-989-758-359-9},
issn={2184-4356},
}

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - ICISSP
TI - TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries
SN - 978-989-758-359-9
IS - 2184-4356
AU - Mucci, D.
AU - Blumbergs, B.
PY - 2019
SP - 361
EP - 369
DO - 10.5220/0007371603610369
PB - SciTePress