Understanding Security Vulnerabilities in File Systems

File systems have been developed for decades with the security-critical foundation provided by operating systems. However, they are still vulnerable to malware attacks and software defects. In this paper, we undertake the first attempt to systematically understand the security vulnerabilities in various file systems. We conduct an empirical study of 157 real cases reported in Common Vulnerabilities and Exposures (CVE). We characterize the file system vulnerabilities in different dimensions that include the common vulnerabilities leveraged by adversaries to initiate their attacks, their exploitation procedures, root causes, consequences, and mitigation approaches. We believe the insights derived from this study have broad implications related to the further enhancement of the security aspect of file systems, and the associated vulnerability detection tools.

[1]  Dirk Grunwald,et al.  Custos: Increasing Security with Secret Storage as a Service , 2014, TRIOS.

[2]  Youngjin Kwon,et al.  TxFS , 2019, USENIX Annual Technical Conference.

[3]  Xi Wang,et al.  Linux kernel vulnerabilities: state-of-the-art defenses and open problems , 2011, APSys.

[4]  Karsten Schwan,et al.  An Evolutionary Study of Linux Memory Management for Fun and Profit , 2016, USENIX Annual Technical Conference.

[5]  Yanick Fratantonio,et al.  Understanding Linux Malware , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[6]  Craig A. N. Soules,et al.  Self-securing storage: protecting data in compromised systems , 2000, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[7]  Qian Wang,et al.  Plutus: Scalable Secure File Sharing on Untrusted Storage , 2003, FAST.

[8]  Junfeng Yang,et al.  Using model checking to find serious file system errors , 2004, TOCS.

[9]  A. Chervenak,et al.  Protecting File Systems : A Survey of Backup Techniques , 1998 .

[10]  Sidney Amani,et al.  Cogent: Verifying High-Assurance File System Implementations , 2016, ASPLOS.

[11]  Cheng Li,et al.  A study of the internal and external effects of concurrency bugs , 2010, 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).

[12]  Junfeng Yang,et al.  EXPLODE: a lightweight, general system for finding serious storage system errors , 2006, OSDI '06.

[13]  Joo Young Hwang,et al.  F2FS: A New File System for Flash Storage , 2015, FAST.

[14]  Tanakorn Leesatapornwongsa,et al.  What Bugs Live in the Cloud? A Study of 3000+ Issues in Cloud Systems , 2014, SoCC.

[15]  Darrell D. E. Long,et al.  Horus: fine-grained encryption-based security for large-scale storage , 2013, FAST.

[16]  Karsten Schwan,et al.  Understanding issue correlations: a case study of the Hadoop system , 2015, SoCC.

[17]  Junfeng Yang,et al.  Automatically generating malicious disks using symbolic execution , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[18]  E. Miller,et al.  Strong security for distributed file systems , 2001, Conference Proceedings of the 2001 IEEE International Performance, Computing, and Communications Conference (Cat. No.01CH37210).

[19]  Stephen C. Tweedie,et al.  Journaling the Linux ext2fs Filesystem , 2008 .

[20]  Andrea C. Arpaci-Dusseau,et al.  Physical Disentanglement in a Container-Based File System , 2014, OSDI.

[21]  Peng Liu,et al.  FlashGuard: Leveraging Intrinsic Flash Properties to Defend Against Encryption Ransomware , 2017, CCS.

[22]  Michael J. Feeley,et al.  Secure file system versioning at the block level , 2007, EuroSys '07.

[23]  Mendel Rosenblum,et al.  The design and implementation of a log-structured file system , 1991, SOSP '91.

[24]  Angela Demke Brown,et al.  Recon: Verifying file system consistency at runtime , 2012, TOS.

[25]  Nicolas Christin,et al.  Push-Button Verification of File Systems via Crash Refinement , 2016, USENIX Annual Technical Conference.

[26]  Changwoo Min,et al.  Cross-checking semantic correctness: the case of finding file system bugs , 2015, SOSP.

[27]  Emina Torlak,et al.  Specifying and Checking File System Crash-Consistency Models , 2016, International Conference on Architectural Support for Programming Languages and Operating Systems.

[28]  Shan Lu,et al.  TaxDC: A Taxonomy of Non-Deterministic Concurrency Bugs in Datacenter Distributed Systems , 2016, ASPLOS.

[29]  Darrell D. E. Long,et al.  Strong Security for Network-Attached Storage , 2002, FAST.

[30]  James Lau,et al.  File System Design for an NFS File Server Appliance , 1994, USENIX Winter.

[31]  Andrea C. Arpaci-Dusseau,et al.  A Study of Linux File System Evolution , 2013, FAST.

[32]  Adam Chlipala,et al.  Using Crash Hoare logic for certifying the FSCQ file system , 2015, USENIX Annual Technical Conference.

[33]  Xinyu Feng,et al.  A Practical Verification Framework for Preemptive OS Kernels , 2016, CAV.

[34]  Sang-Won Lee,et al.  Lightweight Application-Level Crash Consistency on Transactional Flash Storage , 2015, USENIX Annual Technical Conference.

[35]  Taesoo Kim,et al.  Fuzzing File Systems via Two-Dimensional Input Space Exploration , 2019, 2019 IEEE Symposium on Security and Privacy (SP).

[36]  Yuanyuan Zhou,et al.  Learning from mistakes: a comprehensive study on real world concurrency bug characteristics , 2008, ASPLOS.

[37]  Andrea C. Arpaci-Dusseau,et al.  All File Systems Are Not Created Equal: On the Complexity of Crafting Crash-Consistent Applications , 2014, OSDI.

[38]  Xuechen Zhang,et al.  Pallas: Semantic-Aware Checking for Finding Deep Bugs in Fast Path , 2017, ASPLOS.

[39]  Adam Chlipala,et al.  Verifying a high-performance crash-safe file system using a tree specification , 2017, SOSP.

[40]  Zhong Shao,et al.  CertiKOS: An Extensible Architecture for Building Certified Concurrent OS Kernels , 2016, OSDI.