A Qualitative Analysis of Privilege Escalation

2006 IEEE International Conference on Information Reuse & Integration Pub Date : 2006-12-04 DOI:10.1109/IRI.2006.252441

Xinyue Song, M. Stinson, R. Lee, Paul B. Albee

{"title":"A Qualitative Analysis of Privilege Escalation","authors":"Xinyue Song, M. Stinson, R. Lee, Paul B. Albee","doi":"10.1109/IRI.2006.252441","DOIUrl":null,"url":null,"abstract":"Many programming bugs can lead to privilege escalation, which is a major security concern. However, there are times when the concern proves to be a false positive. In a previous paper, \"An Approach to Analyzing the Windows and Linux Security Models\", a set of metrics was proposed to assess risks quantitatively Xinyue Song, et al (2006). However, with the risk quantified, there is still not a clearly defined way of distinguishing between the true and false positives on the continuum of security risks. An effective method needs to be developed to solve this problem. In this paper, a new set of qualitative metrics is proposed in order to draw a correct conclusion on the criticality of a privilege escalation case. This set of qualitative metrics works more effectively to answer this question. Two cases are examined to demonstrate how this set of qualitative metrics works. Through a comparison of these two cases, it is demonstrated that the question of true or false positive to privilege escalation can be answered correctly. Therefore, this is an effective solution in solving this different type of problems","PeriodicalId":402255,"journal":{"name":"2006 IEEE International Conference on Information Reuse & Integration","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 IEEE International Conference on Information Reuse & Integration","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IRI.2006.252441","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Many programming bugs can lead to privilege escalation, which is a major security concern. However, there are times when the concern proves to be a false positive. In a previous paper, "An Approach to Analyzing the Windows and Linux Security Models", a set of metrics was proposed to assess risks quantitatively Xinyue Song, et al (2006). However, with the risk quantified, there is still not a clearly defined way of distinguishing between the true and false positives on the continuum of security risks. An effective method needs to be developed to solve this problem. In this paper, a new set of qualitative metrics is proposed in order to draw a correct conclusion on the criticality of a privilege escalation case. This set of qualitative metrics works more effectively to answer this question. Two cases are examined to demonstrate how this set of qualitative metrics works. Through a comparison of these two cases, it is demonstrated that the question of true or false positive to privilege escalation can be answered correctly. Therefore, this is an effective solution in solving this different type of problems

查看原文本刊更多论文

特权升级的定性分析

许多编程错误可能导致特权升级，这是一个主要的安全问题。然而，有时这种担心被证明是错误的。在之前的一篇论文《分析Windows和Linux安全模型的方法》中，提出了一组量化评估风险的指标。然而，随着风险的量化，仍然没有一个明确定义的方法来区分安全风险连续体上的真阳性和假阳性。需要找到一种有效的方法来解决这个问题。本文提出了一套新的定性指标，以便对特权升级案例的临界性得出正确的结论。这组定性指标更有效地回答了这个问题。本文将研究两个案例，以演示这组定性度量是如何工作的。通过对这两种情况的比较，证明可以正确回答特权升级的真或假阳性问题。因此，这是解决这种不同类型问题的有效解决方案

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2006 IEEE International Conference on Information Reuse & Integration

自引率

0.00%

发文量