• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

Computer Engineering & Science


Kernel privilege escalation attacks on Linux

ZUO Yudan,DING Yan,WEI Lifeng   

  1. (College of Computer,National University of Defense Technology,Changsha 410073,China)  
  • Received:2015-09-07 Revised:2015-11-27 Online:2016-11-25 Published:2016-11-25

Abstract:

Privilege escalation is an important class of attack against Linux. According to the type of vulnerability exploited, privilege escalation attacks can be classified into two categories: application-level privilege escalation attacks and kernel privilege escalation attacks. Existing defense techniques can prevent basic application-level privilege escalation attacks, but they cannot fully prevent kernel privilege escalation attacks, which remain one of the serious threats. We analyze the basic principles of exploiting kernel vulnerabilities and the privilege escalation methods used in kernel privilege escalation attacks, as well as some typical defense techniques. We analyze and verify the defensive effect of SELinux against kernel privilege escalation attacks, and point out feasible directions for future research.

Key words: privilege escalation, kernel vulnerability, vulnerability exploitation, system security