Trusted Execution Path for Protecting Java Applications Against Deserialization of Untrusted Data

Deserialization of untrusted data is an issue in many programming languages. In particular, deserialization of untrusted data in Java can lead to Remote Code Execution attacks. Conditions for this type of attack exist, but vulnerabilities are hard to detect. In this paper, we propose a novel sandboxing approach for protecting Java applications based on trusted execution path used for defining the deserialization behavior. We test our defensive mechanism on two main Java Framework JBoss and Jenkins and we show the effectiveness and efficiency of our system. We also discuss the limitations of our current system on newer attacks strategies.

[1]  Weibo Gong,et al.  Anomaly detection using call stack information , 2003, 2003 Symposium on Security and Privacy, 2003..

[2]  Robert C. Seacord,et al.  Java Deserialization Vulnerabilities and Mitigations , 2017, 2017 IEEE Cybersecurity Development (SecDev).

[3]  Benjamin Livshits,et al.  Finding Security Vulnerabilities in Java Applications with Static Analysis , 2005, USENIX Security Symposium.

[4]  Tudor Dumitras,et al.  Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI , 2017, CCS.

[5]  Paul A. Karger,et al.  Limiting the Damage Potential of Discretionary Trojan Horses , 1987, 1987 IEEE Symposium on Security and Privacy.

[6]  Alexander Serebrenik,et al.  Challenges for Static Analysis of Java Reflection - Literature Review and Empirical Study , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE).

[7]  Peter G. Neumann,et al.  CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization , 2015, 2015 IEEE Symposium on Security and Privacy.

[8]  Davide Balzarotti,et al.  Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks , 2016, USENIX Security Symposium.

[9]  Jun Xu,et al.  Non-Control-Data Attacks Are Realistic Threats , 2005, USENIX Security Symposium.

[10]  David A. Wagner,et al.  Joe-E: A Security-Oriented Subset of Java , 2010, NDSS.

[11]  Muli Ben-Yehuda,et al.  CODOMs: Protecting software with Code-centric memory Domains , 2014, 2014 ACM/IEEE 41st International Symposium on Computer Architecture (ISCA).

[12]  Thorsten Holz,et al.  Code Reuse Attacks in PHP: Automated POP Chain Generation , 2014, CCS.

[13]  Engin Kirda,et al.  Hypervisor-based malware protection with AccessMiner , 2015, Comput. Secur..

[14]  Krste Asanovic,et al.  Mondrix: memory isolation for linux using mondriaan memory protection , 2005, SOSP '05.