TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries

Daniele Mucci; Bernhards Blumbergs

doi:10.5220/0007371603610369

TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries

Daniele Mucci, Bernhards Blumbergs

2019

Abstract

Attacks against binaries, including novel hardware based attacks (e.g., Meltdown), are still very common, with hundreds of vulnerabilities discovered every year. This paper presents TED, an auditing tool which acts from the defense perspective and verifies whether proper defenses are in place for the GNU/Linux system and for each ELF binary in it. Unlike other solutions proposed, TED aims to integrate several tools and techniques by the use of software containers; this choice created the necessity to compare and analyze the most popular container platforms to determine the most suitable for this use case. The containerization approach allows to reduce complexity, gain flexibility and extensibility at the cost of a negligible performance loss, while significantly reducing the dependencies needed. Performance and functionality tests, both in lab and real-world environments, showed the feasibility of a container-based approach and the usefulness of TED in several use cases.

Download

Paper Citation

in Harvard Style

Mucci D. and Blumbergs B. (2019). TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 361-369. DOI: 10.5220/0007371603610369

in Bibtex Style

@conference{icissp19,
author={Daniele Mucci and Bernhards Blumbergs},
title={TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={361-369},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007371603610369},
isbn={978-989-758-359-9},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - TED: A Container based Tool to Perform Security Risk Assessment for ELF Binaries
SN - 978-989-758-359-9
AU - Mucci D.
AU - Blumbergs B.
PY - 2019
SP - 361
EP - 369
DO - 10.5220/0007371603610369