δείτε την πρωτότυπη σελίδα τεκμηρίου στον ιστότοπο του αποθετηρίου του φορέα για περισσότερες πληροφορίες και για να δείτε όλα τα ψηφιακά αρχεία του τεκμηρίου*
Analysis & development of DLL-hijacking attacks in Windows
(EL)
Γεωργόπουλος, Αναστάσιος - Δημήτριος
Νταντογιάν, Χριστόφορος
Τεχνοοικονομική Διοίκηση και Ασφάλεια Ψηφιακών Συστημάτων
(EL)
At runtime execution, the operating system loads data and information from auxiliary components so called libraries in order to complete its full functionality. For more flexibility, Microsoft has implemented the use of DLLs (Dynamic-link libraries) which can be loaded in memory dynamically serving several different applications with one component. Despite this helpful property, the DLLs have an embedded disadvantage: as their call can be done by name, the possibility for a malicious DLL to be loaded instead of the genuine one, it is really high if it is placed at the right directory. In particular, dynamic loading can be hijacked by placing an arbitrary file with the specified name in a directory searched before resolving the target component. In this master thesis, we analyze some of most popular applications as far as DLL loadings are concerned, we present a user interface for easily detecting DLL unsafe loadings and we conclude with their vulnerability to several kinds of attacks. Finally, we suggest a list of programming and system administration rules that are based on our analyses in order to improve the overall security of Windows operating systems.
(EL)
*Η εύρυθμη και αδιάλειπτη λειτουργία των διαδικτυακών διευθύνσεων των συλλογών (ψηφιακό αρχείο, καρτέλα τεκμηρίου στο αποθετήριο) είναι αποκλειστική ευθύνη των αντίστοιχων Φορέων περιεχομένου.
Analysis & development of DLL-hijacking attacks in Windows
Analysis & development of DLL-hijacking attacks in Windows
Βοηθείστε μας να κάνουμε καλύτερο το OpenArchives.gr.
Πανεπιστήμιο Πειραιώς
