Awesome
Linux Security Papers
NOTE: Do NOT edit this file manually.
List of papers
| # | year | venue | title | authors | links |
|---|---|---|---|---|---|
| 1 | 2000 | ccs | Operating system enhancements to prevent the misuse of system calls. | Massimo Bernaschi, Emanuele Gabrielli, Luigi V. Mancini | paper BernaschiGM00 |
| 2 | 2000 | ndss | User-Level Infrastructure for System Call Interposition - A Platform for Intrusion Detection and Confinement. | K. Jain, R. Sekar | paper JainS00 |
| 3 | 2000 | usenix | Safety Checking of Kernel Extensions. | Craig Metz | paper Metz00a |
| 4 | 2003 | ndss | Traps and Pitfalls - Practical Problems in System Call Interposition Based Security Tools. | Tal, Garfinkel | paper Garfinkel03 |
| 5 | 2004 | ndss | Model Checking One Million Lines of C Code. | Hao Chen 0003, Drew Dean, David A. Wagner 0001 | paper ChenDW04 |
| 6 | 2004 | ndss | Ostia - A Delegating Architecture for Secure System Call Interposition. | Tal Garfinkel, Ben Pfaff, Mendel Rosenblum | paper GarfinkelPR04 |
| 7 | 2004 | osdi | Recovering Device Drivers (Awarded Best Paper!). | Michael M. Swift, Muthukaruppan Annamalai, Brian N. Bershad, Henry M. Levy | paper SwiftABL04 |
| 8 | 2004 | usenix | Trusted Path Execution for the Linux 2.6 Kernel as a Linux Security Module. | Niki A. Rahimi | paper Rahimi04 |
| 9 | 2004 | uss | Finding User/Kernel Pointer Bugs with Type Inference. | Robert Johnson, David A. Wagner 0001 | paper JohnsonW04 |
| 10 | 2005 | ndss | A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities. | Shuo Chen, John Dunagan, Chad Verbowski, Yi-Min Wang | paper ChenDVW05 |
| 11 | 2006 | eurosys | Thorough static analysis of device drivers. | Thomas Ball, Ella Bounimova, Byron Cook, Vladimir Levin, Jakob Lichtenberg, Con McGarvey, Bohus Ondrusek, Sriram K. Rajamani, Abdullah Ustuner | paper BallBCLLMORU06 |
| 12 | 2006 | osdi | XFI - Software Guards for System Address Spaces. | Úlfar Erlingsson, Martín Abadi, Michael Vrable, Mihai Budiu, George C. Necula | paper ErlingssonAVBN06 |
| 13 | 2007 | ccs | Automated detection of persistent kernel control-flow attacks. | Nick L. Petroni Jr., Michael W. Hicks | paper PetroniH07 |
| 14 | 2007 | eurosys | Sealing OS processes to improve dependability and safety. | Galen C. Hunt, Mark Aiken, Manuel Fähndrich, Chris Hawblitzel, Orion Hodson, James R. Larus, Steven Levi, Bjarne Steensgaard, David Tarditi, Ted Wobber | paper HuntAFHHLLSTW07 |
| 15 | 2007 | sosp | Information flow control for standard OS abstractions. | Maxwell N. Krohn, Alexander Yip, Micah Z. Brodsky, Natan Cliffer, M. Frans Kaashoek, Eddie Kohler, Robert Tappan Morris | paper KrohnYBCKKM07 |
| 16 | 2007 | sp | Usable Mandatory Integrity Protection for Operating Systems. | Ninghui Li, Ziqing Mao, Hong Chen | paper LiMC07 |
| 17 | 2007 | sp | Lurking in the Shadows - Identifying Systemic Threats to Kernel Data. | Arati Baliga, Pandurang Kamat, Liviu Iftode | paper BaligaKI07 |
| 18 | 2008 | eurosys | Manageable fine-grained information flow. | Petros Efstathopoulos, Eddie Kohler | paper EfstathopoulosK08 |
| 19 | 2008 | sp | Practical Proactive Integrity Preservation - A Basis for Malware Defense. | Weiqing Sun, R. Sekar, Gaurav Poothia, Tejas Karandikar | paper SunSPK08 |
| 20 | 2008 | sp | Verifying the Safety of User Pointer Dereferences. | Suhabe Bugrara, Alex Aiken | paper BugraraA08 |
| 21 | 2008 | uss | Real-World Buffer Overflow Protection for Userspace and Kernelspace. | Michael Dalton, Hari Kannan, Christos Kozyrakis | paper DaltonKK08 |
| 22 | 2009 | ccs | Mapping kernel objects to enable systematic integrity checking. | Martim Carbone, Weidong Cui, Long Lu, Wenke Lee, Marcus Peinado, Xuxian Jiang | paper CarboneCLLPJ09 |
| 23 | 2009 | ccs | Robust signatures for kernel data structures. | Brendan Dolan-Gavitt, Abhinav Srivastava, Patrick Traynor, Jonathon T. Giffin | paper Dolan-GavittSTG09 |
| 24 | 2009 | eurosys | Multi-aspect profiling of kernel rootkit behavior. | Ryan Riley, Xuxian Jiang, Dongyan Xu | paper RileyJX09 |
| 25 | 2009 | ndss | K-Tracer - A System for Extracting Kernel Malware Behavior. | Andrea Lanzi, Monirul I. Sharif, Wenke Lee | paper LanziSL09 |
| 26 | 2009 | ndss | Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems. | Hong Chen, Ninghui Li, Ziqing Mao | paper ChenLM09 |
| 27 | 2009 | ndss | IntScope - Automatically Detecting Integer Overflow Vulnerability in X86 Binary Using Symbolic Execution. | Tielei Wang, Tao Wei, Zhiqiang Lin, Wei Zou | paper WangWLZ09 |
| 28 | 2009 | usenix | Linux Kernel Developer Responses to Static Analysis Bug Reports. | Philip J. Guo, Dawson R. Engler | paper GuoE09 |
| 29 | 2009 | uss | Return-Oriented Rootkits - Bypassing Kernel Code Integrity Protection Mechanisms. | Ralf Hund, Thorsten Holz, Felix C. Freiling | paper HundHF09 |
| 30 | 2010 | eurosys | Defeating return-oriented rootkits with Return-Less kernels. | Jinku Li, Zhi Wang 0004, Xuxian Jiang, Michael C. Grace, Sina Bahram | paper LiWJGB10 |
| 31 | 2010 | usenix | Tolerating Malicious Device Drivers in Linux. | Silas Boyd-Wickizer, Nickolai Zeldovich | paper Boyd-WickizerZ10 |
| 32 | 2011 | ndss | Practical Protection of Kernel Integrity for Commodity OS from Untrusted Extensions. | Xi Xiong, Donghai Tian, Peng Liu 0005 | paper XiongTL11 |
| 33 | 2011 | ndss | Efficient Monitoring of Untrusted Kernel-Mode Execution. | Abhinav Srivastava, Jonathon T. Giffin | paper SrivastavaG11 |
| 34 | 2011 | ndss | SigGraph - Brute Force Scanning of Kernel Data Structure Instances Using Graph-based Signatures. | Zhiqiang Lin, Junghwan Rhee, Xiangyu Zhang 0001, Dongyan Xu, Xuxian Jiang | paper LinRZXJ11 |
| 35 | 2012 | ndss | Kruiser - Semi-synchronized Non-blocking Concurrent Kernel Heap Buffer Overflow Monitoring. | Donghai Tian, Qiang Zeng 0001, Dinghao Wu, Peng Liu 0005, Changzhen Hu | paper TianZW0H12 |
| 36 | 2012 | osdi | Improving Integer Security for Systems with KINT. | Xi Wang 0005, Haogang Chen 0001, Zhihao Jia, Nickolai Zeldovich, M. Frans Kaashoek | paper WangCJZK12 |
| 37 | 2012 | sp | Smashing the Gadgets - Hindering Return-Oriented Programming Using In-place Code Randomization. | Vasilis Pappas, Michalis Polychronakis, Angelos D. Keromytis | paper PappasPK12 |
| 38 | 2012 | uss | Enhanced Operating System Security Through Efficient and Fine-grained Address Space Randomization. | Cristiano Giuffrida, Anton Kuijsten, Andrew S. Tanenbaum | paper GiuffridaKT12 |
| 39 | 2013 | eurosys | Process firewalls - protecting processes during resource access. | Hayawardh Vijayakumar, Joshua Schiffman, Trent Jaeger | paper VijayakumarSJ13 |
| 40 | 2013 | ndss | Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring. | Anil Kurmus, Reinhard Tartler, Daniela Dorneanu, Bernhard Heinloth, Valentin Rothberg, Andreas Ruprecht, Wolfgang Schröder-Preikschat, Daniel Lohmann, Rüdiger Kapitza | paper KurmusTDHRRSLK13 |
| 41 | 2013 | sp | SoK - Eternal War in Memory. | Laszlo Szekeres, Mathias Payer, Tao Wei, Dawn Song | paper SzekeresPWS13 |
| 42 | 2013 | sp | Just-In-Time Code Reuse - On the Effectiveness of Fine-Grained Address Space Layout Randomization. | Kevin Z. Snow, Fabian Monrose, Lucas Davi, Alexandra Dmitrienko, Christopher Liebchen, Ahmad-Reza Sadeghi | paper SnowMDDLS13 |
| 43 | 2014 | ccs | A Tale of Two Kernels - Towards Ending Kernel Hardening Wars with Split Kernel. | Anil Kurmus, Robby Zippel | paper KurmusZ14 |
| 44 | 2014 | ndss | ROPecker - A Generic and Practical Approach For Defending Against ROP Attacks. | Yueqiang Cheng, Zongwei Zhou, Miao Yu, Xuhua Ding, Robert H. Deng | paper ChengZYDD14 |
| 45 | 2014 | osdi | Jitk - A Trustworthy In-Kernel Interpreter Infrastructure. | Xi Wang 0005, David Lazar, Nickolai Zeldovich, Adam Chlipala, Zachary Tatlock | paper WangLZCT14 |
| 46 | 2014 | sp | KCoFI - Complete Control-Flow Integrity for Commodity Operating System Kernels. | John Criswell, Nathan Dautenhahn, Vikram S. Adve | paper CriswellDA14 |
| 47 | 2014 | sp | Dancing with Giants - Wimpy Kernels for On-Demand Isolated I/O. | Zongwei Zhou, Miao Yu, Virgil D. Gligor | paper ZhouYG14 |
| 48 | 2014 | usenix | Static Analysis of Variability in System Software - The 90, 000 #ifdefs Issue. | Reinhard Tartler, Christian Dietrich 0001, Julio Sincero, Wolfgang Schröder-Preikschat, Daniel Lohmann | paper TartlerDSSL14 |
| 49 | 2015 | ndss | Preventing Use-after-free with Dangling Pointers Nullification. | Byoungyoung Lee, Chengyu Song, Yeongjin Jang, Tielei Wang, Taesoo Kim, Long Lu, Wenke Lee | paper LeeSJWKLL15 |
| 50 | 2016 | ccs | Prefetch Side-Channel Attacks - Bypassing SMAP and Kernel ASLR. | Daniel Gruss, Clémentine Maurice, Anders Fogh, Moritz Lipp, Stefan Mangard | paper GrussMFLM16 |
| 51 | 2016 | ccs | Breaking Kernel Address Space Layout Randomization with Intel TSX. | Yeongjin Jang, Sangho Lee 0001, Taesoo Kim | paper JangLK16 |
| 52 | 2016 | ccs | UniSan - Proactive Kernel Memory Initialization to Eliminate Data Leakages. | Kangjie Lu, Chengyu Song, Taesoo Kim, Wenke Lee | paper LuSKL16 |
| 53 | 2016 | ndss | Enforcing Kernel Security Invariants with Data Flow Integrity. | Chengyu Song, Byoungyoung Lee, Kangjie Lu, William Harris, Taesoo Kim, Wenke Lee | paper SongLLHKL16 |
| 54 | 2016 | osdi | Light-Weight Contexts - An OS Abstraction for Safety and Performance. | James Litton, Anjo Vahldiek-Oberwagner, Eslam Elnikety, Deepak Garg 0001, Bobby Bhattacharjee, Peter Druschel | paper LittonVE0BD16 |
| 55 | 2016 | osdi | EbbRT - A Framework for Building Per-Application Library Operating Systems. | Dan Schatzberg, James Cadden, Han Dong, Orran Krieger, Jonathan Appavoo | paper SchatzbergCDKA16 |
| 56 | 2017 | ccs | FreeGuard - A Faster Secure Heap Allocator. | Sam Silvestro, Hongyu Liu, Corey Crosser, Zhiqiang Lin, Tongping Liu | paper SilvestroLCLL17 |
| 57 | 2017 | eurosys | DangSan - Scalable Use-after-free Detection. | Erik van der Kouwe, Vinod Nigade, Cristiano Giuffrida | paper KouweNG17 |
| 58 | 2017 | eurosys | A Characterization of State Spill in Modern Operating Systems. | Kevin Boos, Emilio Del Vecchio, Lin Zhong 0001 | paper BoosVZ17 |
| 59 | 2017 | eurosys | kRX - Comprehensive Kernel Protection against Just-In-Time Code Reuse. | Marios Pomonis, Theofilos Petsios, Angelos D. Keromytis, Michalis Polychronakis, Vasileios P. Kemerlis | paper PomonisPKPK17 |
| 60 | 2017 | ndss | PT-Rand - Practical Mitigation of Data-only Attacks against Page Tables. | Lucas Davi, David Gens, Christopher Liebchen, Ahmad-Reza Sadeghi | paper DaviGLS17 |
| 61 | 2017 | ndss | Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying. | Kangjie Lu, Marie-Therese Walter, David Pfaff, Stefan Nümberger, Wenke Lee, Michael Backes 0001 | paper LuWPNL017 |
| 62 | 2017 | sp | NORAX - Enabling Execute-Only Memory for COTS Binaries on AArch64. | Yaohui Chen, Dongli Zhang, Ruowen Wang, Rui Qiao, Ahmed M. Azab, Long Lu, Hayawardh Vijayakumar, Wenbo Shen | paper ChenZWQALVS17 |
| 63 | 2017 | usenix | Lock-in-Pop - Securing Privileged Operating System Kernels by Keeping on the Beaten Path. | Yiwen Li, Brendan Dolan-Gavitt, Sam Weber, Justin Cappos | paper LiDWC17 |
| 64 | 2018 | ndss | K-Miner - Uncovering Memory Corruption in Linux. | David Gens, Simon Schmitt, Lucas Davi, Ahmad-Reza Sadeghi | paper GensSDS18 |
| 65 | 2018 | sp | Precise and Scalable Detection of Double-Fetch Bugs in OS Kernels. | Meng Xu, Chenxiong Qian, Kangjie Lu, Michael Backes 0001, Taesoo Kim | paper XuQL0K18 |
| 66 | 2019 | sp | LBM - A Security Framework for Peripherals within the Linux Kernel. | Dave Jing Tian, Grant Hernandez, Joseph I. Choi, Vanessa Frost, Peter C. Johnson 0001, Kevin R. B. Butler | paper TianHCFJB19 |
| 67 | 2019 | sp | SoK - Shining Light on Shadow Stacks. | Nathan Burow, Xinping Zhang, Mathias Payer | paper BurowZP19 |
| 68 | 2019 | sp | SoK - Sanitizing for Security. | Dokyung Song, Julian Lettner, Prabhu Rajasekaran, Yeoul Na, Stijn Volckaert, Per Larsen, Michael Franz | paper SongLRNVLF19 |
| 69 | 2019 | usenix | Effective Static Analysis of Concurrency Use-After-Free Bugs in Linux Device Drivers. | Jia-Ju Bai, Julia Lawall, Qiu-Liang Chen, Shi-Min Hu 0001 | paper BaiLCH19 |
| 70 | 2019 | usenix | LXDs - Towards Isolation of Kernel Subsystems. | Vikram Narayanan, Abhiram Balasubramanian, Charlie Jacobsen, Sarah Spall, Scotty Bauer, Michael Quigley, Aftab Hussain, Abdullah Younis, Junjie Shen, Moinak Bhattacharyya, Anton Burtsev | paper NarayananBJSBQH19 |