Site
https://www.sec.in.tum.de/i20
Zur Sicherheit mobiler persönlicher Endgeräte - eine Bestandsaufnahme
https://www.sec.in.tum.de/i20/publications/zur-sicherheit-mobiler-pers-o-nlicher-endger-a-te-eine-bestandsaufnahme
No publisher, 2018/01/04 15:37:00 GMT+1, Inproceedings

Zero Trust in Cloud Assurance
https://www.sec.in.tum.de/i20/student-work/zero-trust-in-cloud-assurance
No publisher, 2023/02/28 11:36:00 GMT+1, Studentthesis

xMP: Selective Memory Protection for Kernel and User Space
https://www.sec.in.tum.de/i20/publications/xmp-selective-memory-protection-for-kernel-and-user-space
Attackers leverage memory corruption vulnerabilities to establish primitives for reading from or writing to the address space of a vulnerable process. These primitives form the foundation for code-reuse and data-oriented attacks. While various defenses against the former class of attacks have proven effective, mitigation of the latter remains an open problem. In this paper, we identify various shortcomings of the x86 architecture regarding memory isolation, and leverage virtualization to build an effective defense against data-oriented attacks. Our approach, called xMP, provides (in-guest) selective memory protection primitives that allow VMs to isolate sensitive data in user or kernel space in disjoint xMP domains. We interface the Xen altp2m subsystem with the Linux memory management system, lending VMs the flexibility to define custom policies. Contrary to conventional approaches, xMP takes advantage of virtualization extensions, but after initialization, it does not require any hypervisor intervention. To ensure the integrity of in-kernel management information and pointers to sensitive data within isolated domains, xMP protects pointers with HMACs bound to an immutable context, so that integrity validation succeeds only in the right context. We have applied xMP to protect the page tables and process credentials of the Linux kernel, as well as sensitive data in various user-space applications. Overall, our evaluation shows that xMP introduces minimal overhead for real-world workloads and applications, and offers effective protection against data-oriented attacks.
No publisher, 2019/10/06 23:35:00 GMT+1, Inproceedings

X-TIER: Kernel Module Injection
https://www.sec.in.tum.de/i20/publications/x-tier-kernel-module-injection
In spite of the fact that security applications can greatly benefit from virtualization, hypervisor-based security solutions remain sparse. The main cause for this is the semantic gap, which makes the development of hypervisor-based security applications cumbersome, error-prone, and time-consuming. In this paper, we present X-TIER, a framework that enables hypervisor-based security applications to bridge the semantic gap by injecting kernel modules from the outside into a running virtual machine (VM). While previous approaches bridge the semantic gap by reading kernel objects from memory, X-TIER goes beyond such work and allows the injected code to manipulate the guest operating system (OS) state and even call kernel functions without sacrificing the overall security. We have implemented a prototype of X-TIER on the x86 architecture that supports module injection for Windows and Linux guests. The evaluation of our system shows that kernel module injection only incurs a very small performance overhead, leaves no traces within the guest system, and provides access to all exported guest OS data structures and functions. Consequently, the mechanism is well-suited for creating hypervisor-based security applications.
No publisher, 2018/01/08 16:04:49 GMT+1, Incollection

WS2022
https://www.sec.in.tum.de/i20/teaching/ws2022
No publisher, 2020/06/25 08:46:00 GMT+1, Folder

WS2020
https://www.sec.in.tum.de/i20/teaching/ws2020
No publisher, 2020/06/25 08:46:00 GMT+1, Folder

WS2019
https://www.sec.in.tum.de/i20/teaching/ws2019
No publisher, 2017/08/25 10:23:00 GMT+1, Folder

WS2018
https://www.sec.in.tum.de/i20/teaching/ws2018
No publisher, 2017/08/25 10:23:00 GMT+1, Folder

WS2017
https://www.sec.in.tum.de/i20/teaching/ws2017
No publisher, 2017/09/05 14:27:00 GMT+1, Folder

WS2016
https://www.sec.in.tum.de/i20/teaching/ws2016
No publisher, 2017/10/12 11:20:00 GMT+1, Folder

WS2015
https://www.sec.in.tum.de/i20/teaching/ws2015
No publisher, 2017/10/12 13:56:24 GMT+1, Folder

WS 2023
https://www.sec.in.tum.de/i20/teaching/ws-2023
No publisher, 2023/06/19 11:17:55 GMT+1, Folder

writing_sec_code.png
https://www.sec.in.tum.de/i20/assets/images/writing_sec_code.png/view
No publisher, Image

wissenschaftliches-schreiben-mit-latex.pdf
https://www.sec.in.tum.de/i20/assets/vorlesung/wissenschaftliches-schreiben-mit-latex.pdf/view
No publisher, File

Wissenschaftliche Mitarbeiter 202111
https://www.sec.in.tum.de/i20/assets/jobs/11_21_stellenausschreibung-wimi.pdf/view
No publisher, File