Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring

  title={Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring},
  author={Anil Kurmus and Reinhard Tartler and Daniela Dorneanu and Bernhard Heinloth and Valentin Rothberg and Andreas Ziegler and Wolfgang Schr{\"o}der-Preikschat and Daniel Lohmann and R{\"u}diger Kapitza},
The economy of mechanism security principle states that program design should be kept as small and simple as possible. In practice, this principle is often disregarded to maximize user satisfaction, resulting in systems supporting a vast number of features by default, which in turn offers attackers a large code base to exploit. The Linux kernel exemplifies this problem: distributors include a large number of features, such as support for exotic filesystems and socket types, and attackers often… CONTINUE READING
Highly Cited
This paper has 44 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 29 extracted citations

Detection of Intrusions and Malware, and Vulnerability Assessment

Lecture Notes in Computer Science • 2014
View 12 Excerpts
Highly Influenced

FACE-CHANGE: Application-Driven Dynamic Kernel View Switching in a Virtual Machine

2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks • 2014
View 4 Excerpts
Highly Influenced

A Survey of IoT Security Threats and Solutions

2018 17th RoEduNet Conference: Networking in Education and Research (RoEduNet) • 2018
View 1 Excerpt

Formal model-based conformance verification of an OSEK/VDX compliant RTOS

2018 5th International Conference on Control, Decision and Information Technologies (CoDIT) • 2018
View 1 Excerpt


Publications referenced by this paper.
Showing 1-10 of 50 references

skipfish. Web application security scanner

Michal Zalewski, Niels Heinen, Sebastian Roschke
URL: http: // (visited on 06/03/2012) • 2012
View 5 Excerpts
Highly Influenced

Httperf - a Tool for Measuring Web Server Performance

SIGMETRICS Performance Evaluation Review • 1998
View 5 Excerpts
Highly Influenced

Benchmark suite for hard drive and file system performance

Russell Coker. Bonnie (visited on 08/02/2012) • 2012
View 2 Excerpts

CVE-2010-3904 exploit

D. Rosenberg
URL: www . • 2012
View 1 Excerpt

Mining Kbuild to Detect Variability Anomalies in Linux

2012 16th European Conference on Software Maintenance and Reengineering • 2012
View 3 Excerpts

“ The Evolution of SystemCall Monitoring ” . In : Proceedings of the 2008 Annual Computer Security Applications Conference

Stephanie Forrest, Steven Hofmeyr, Anil Somayaji

An Attack Surface Metric

IEEE Transactions on Software Engineering • 2011
View 3 Excerpts

Similar Papers

Loading similar papers…