Constant Gardener Technical Overview

Overview
• Server-focused security tool
• The client's primary goal is to prevent privilege escalation attacks.
• We’ll achieve this using the DynamoRIO API to modify processes as they run.

Users
• The intended targets for this product are system administrators.
• A system administrator will be able to make use of Constant Gardener to provide extra protection for specific processes that may be vulnerable to privilege escalation attacks.

Use Case
• A system administrator will run a script
• That script will initiate the target process and inject our client
• Everything else should be transparent

What it’s NOT
• Constant Gardener will not be for general-purpose end-user use.
• It will not be for personal computing systems
• It will not provide general OS protection against all incoming attacks

Functional Requirements
• Must build a control flow graph of the target binary
• The control flow graph must be accessible indefinitely and protected from memory corruption or overwrite attacks
• Must intercept system calls made by the target process
• Must validate the system calls by comparing the path to the system call against the CFG

Functional Requirements
• Must allow or deny the system call based on above comparison
• Must protect memory to prevent corruption of protection abilities
• Must not noticeably affect performance: this is for use on front-facing applications
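
The allow/deny comparison from the functional requirements, sketched as an added example that is not Constant Gardener's own code and uses no DynamoRIO calls. The CFG layout, the block numbers, the entry-block rule and every function name are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
enum verdict { DENY = 0, ALLOW = 1 };
enum { ENTRY_BLOCK = 0 };       /* assumed entry block of the constructed CFG */
/* One CFG node: a basic block and the blocks it may legally transfer to. */
struct cfg_node {
    unsigned id;
    int is_syscall_site;        /* block ends in a system call */
    size_t nsucc;
    unsigned succ[4];
};
/* Constructed CFG: 0 -> 1, 1 -> {2, 3}, 2 -> 4, 3 -> 1. Only block 4
 * issues a system call, and it is reachable only through block 2. */
static const struct cfg_node CFG[] = {
    {0, 0, 1, {1}}, {1, 0, 2, {2, 3}}, {2, 0, 1, {4}},
    {3, 0, 1, {1}}, {4, 1, 0, {0}},
};

static const struct cfg_node *find_node(unsigned id)
{
    for (size_t i = 0; i < sizeof CFG / sizeof CFG[0]; i++)
        if (CFG[i].id == id) return &CFG[i];
    return NULL;                /* block unknown to the CFG */
}

static int has_edge(const struct cfg_node *n, unsigned to)
{
    for (size_t i = 0; i < n->nsucc; i++)
        if (n->succ[i] == to) return 1;
    return 0;
}

/* Allow only if the recorded path starts at the entry block, every transfer
 * is a CFG edge, and the final block is a known system call site. */
enum verdict validate_syscall_path(const unsigned *path, size_t len)
{
    if (path == NULL || len == 0 || path[0] != ENTRY_BLOCK) return DENY;
    const struct cfg_node *cur = find_node(path[0]);
    for (size_t i = 1; cur != NULL && i < len; i++)
        cur = has_edge(cur, path[i]) ? find_node(path[i]) : NULL;
    return (cur != NULL && cur->is_syscall_site) ? ALLOW : DENY;
}

int main(void)
{
    const unsigned ok[] = {0, 1, 2, 4}, hijacked[] = {0, 1, 4};
    printf("%d %d\n", validate_syscall_path(ok, 4), validate_syscall_path(hijacked, 3));
    return 0;
}
```

The check fails closed: an empty path, an unknown block, a transfer that is not a CFG edge, or a final block that is not a system call site all produce a deny.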