Viva la pace!
Remus > WebHome
TWiki webs: Users | TWiki | Sandbox   Log In or Register

Changes | Index | Search | Go

REMUS Project: REference Monitor for Unix Systems

Objective The main objective of the REMUS project consists in developing an Intrusion Detection System for Linux kernel 2.4 that is able to detect any attempt to hijack the control of privileged processes, for example by means of buffer overflow attacks. Remus is designed to confine root-privileged and setuid processes by mediating their use of security-relevant system calls. In particular, REMUS provides:

  • a secure enhancement of Linux by means of a LKM (Loadable Kernel Module) that uses interposition at the system call interface to implement the access control functionality;

  • the detection of illegal invocation of critical system calls before they complete so to prevent attackers to hijack the control of any privileged process;

  • an efficient check of the argument values of the system calls;

  • the design and the kernel implementation of a scheme to prevent a subverted privileged application from loading a maliciuos kernel module. The extended system maitains a digital signature of the executable code of the legal modules which are the only one that can be loaded and executed;

  • the integration of the Access Control Database (ACD) with the Unix standard virtual file system /proc. Administrators see the ACD has a directory, each file contains the set of rules for a given critical system call. Thanks to this interface, the administrators can configure Remus to allow confined processes to make only certain calls with certain parameters.

Abstract

It is widely accepted that immediate detection of security rules violations can be achieved by monitoring the system calls made by processes. This in turn makes possible to prevent malicious invocations of system calls from breaking system security.

We have developed the REMUS (REference Monitor for Unix Systems) prototype for monitoring those critical system calls which may be used to subvert the execution of privileged applications. REMUS employs a simple mechanism for system calls interception at the OS kernel level and requires minimal additions to the kernel code and no change to the syntax and semantics of existing system calls. Basically, the system call execution is allowed just in case the invoking process and the value of the arguments comply with the rules kept in an Access Control Database (ACD) within the kernel. Common penetration techniques that involve tricking the system into running the intruder's own program in privileged mode are blocked by this approach. In particular, REMUS blocks buffer overflow attacks before they can complete. Note that these are just examples of possible attacks, since our approach intends to protect against any technique that allows an attacker to hijack the control of a privileged process.

The REMUS collaborators

  • Massimo Bernaschi, Istituto di Applicazione del Calcolo, CNR, Roma, Italy.
  • Luigi V. Mancini and Emanuele Gabrielli, Dipartimento di Informatica, Universita’ di Roma “La Sapienza”, Italy.
  • Master students involved so far: Ivano Alonzi, Giacomo Magnini

Pubblications

Software

REMUS is Free software designed for the Linux Kernel 2.4, and is available for download under the GNU GPL from the following Primary FTP site: https://sourceforge.net/projects/remus/

PACUM is Free software designed for the analyis of the SElinux configuration, and is available for download under the GNU GPL from the following Primary FTP site: http://spazioinwind.libero.it/paculandia

Related Links

Events

Important Dates

March 2024
          01 02
03 04 05 06 07 08 09
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31            


Latest News

I Attachment HistorySorted ascending Action Size Date Who Comment
GIFgif Logo-LUG-norm.gif r1 manage 2.4 K 2003-03-13 - 08:07 LuigiMancini  
Compressed Zip archivezip Network-based_vulnerability_assessment.zip r1 manage 407.2 K 2003-03-13 - 08:10 LuigiMancini  
GIFgif SecurITyuniROMA1.gif r1 manage 14.7 K 2003-03-13 - 08:06 LuigiMancini  
GIFgif logo.gif r1 manage 6.9 K 2003-03-13 - 08:06 LuigiMancini  
Compressed Zip archivezip psicologia_computer_crime.zip r1 manage 1035.6 K 2003-03-13 - 08:10 LuigiMancini  
HTMLhtml information.html r3 r2 r1 manage 5.7 K 2003-03-13 - 08:07 LuigiMancini  
HTMLhtml demo.html r4 r3 r2 r1 manage 9.2 K 2003-03-13 - 08:07 LuigiMancini  
HTMLhtml details.html r4 r3 r2 r1 manage 10.8 K 2003-03-13 - 08:07 LuigiMancini  
HTMLhtml index.html r6 r5 r4 r3 r2 manage 8.4 K 2003-03-13 - 08:06 LuigiMancini  
Edit | Attach | Watch | Print version | History: r23 < r22 < r21 < r20 < r19 | Backlinks | Raw View | Raw edit | More topic actions

This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback