Open Access iconOpen Access

ARTICLE

FFRA: A Fine-Grained Function-Level Framework to Reduce the Attack Surface

Xingxing Zhang1, Liang Liu1,*, Yu Fan1, Qian Zhou2

1 College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China
2 School of Modern Posts, Nanjing University of Posts and Telecommunications, Nanjing, China

* Corresponding Author: Liang Liu. Email: email

Computer Systems Science and Engineering 2024, 48(4), 969-987. https://doi.org/10.32604/csse.2024.046615

Abstract

System calls are essential interfaces that enable applications to access and utilize the operating system’s services and resources. Attackers frequently exploit application’s vulnerabilities and misuse system calls to execute malicious code, aiming to elevate privileges and so on. Consequently, restricting the misuse of system calls becomes a crucial measure in ensuring system security. It is an effective method known as reducing the attack surface. Existing attack surface reduction techniques construct a global whitelist of system calls for the entire lifetime of the application, which is coarse-grained. In this paper, we propose a Fine-grained Function-level framework to Reduce the Attack surface (FFRA). FFRA employs software static analysis to obtain the function call graph of the application. Combining the graph with a mapping of library functions generates each function’s legitimate system calls. As far as we know, it is the first approach to construct the whitelist of system calls for each function of the application. We have implemented a prototype of FFRA and evaluated its effectiveness with six popular server applications. The experimental results show that it disables 33% more system calls compared to existing approaches while detecting 15% more shellcode vulnerabilities. Our framework outperforms existing models by defending against a broader range of attacks. Integrated into antivirus software and intrusion prevention systems, FFRA could effectively counter malware by precisely restricting system calls.

Keywords


Cite This Article

APA Style
Zhang, X., Liu, L., Fan, Y., Zhou, Q. (2024). FFRA: A fine-grained function-level framework to reduce the attack surface. Computer Systems Science and Engineering, 48(4), 969-987. https://doi.org/10.32604/csse.2024.046615
Vancouver Style
Zhang X, Liu L, Fan Y, Zhou Q. FFRA: A fine-grained function-level framework to reduce the attack surface. Comput Syst Sci Eng. 2024;48(4):969-987 https://doi.org/10.32604/csse.2024.046615
IEEE Style
X. Zhang, L. Liu, Y. Fan, and Q. Zhou, “FFRA: A Fine-Grained Function-Level Framework to Reduce the Attack Surface,” Comput. Syst. Sci. Eng., vol. 48, no. 4, pp. 969-987, 2024. https://doi.org/10.32604/csse.2024.046615



cc Copyright © 2024 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 483

    View

  • 178

    Download

  • 0

    Like

Share Link