DeepAI AI Chat
Log In Sign Up

The Security War in File Systems: An Empirical Study from A Vulnerability-Centric Perspective

by   Jinghan Sun, et al.
University of Illinois at Urbana-Champaign

This paper presents a systematic study on the security of modern file systems, following a vulnerability-centric perspective. Specifically, we collected 377 file system vulnerabilities committed to the CVE database in the past 20 years. We characterize them from four dimensions that include why the vulnerabilities appear, how the vulnerabilities can be exploited, what consequences can arise, and how the vulnerabilities are fixed. This way, we build a deep understanding of the attack surfaces faced by file systems, the threats imposed by the attack surfaces, and the good and bad practices in mitigating the attacks in file systems. We envision that our study will bring insights towards the future development of file systems, the enhancement of file system security, and the relevant vulnerability mitigating solutions.


page 10

page 16

page 18


Unsafe at Any Copy: Name Collisions from Mixing Case Sensitivities

File name confusion attacks, such as malicious symbolic links and file s...

Revealing the Weaknesses of File Sharing System on Cloud Storages

Cloud storage provides the simpler way to share the files privately and ...

Developing Hands-on Labs for Source Code Vulnerability Detection with AI

As the role of information and communication technologies gradually incr...

Threat Assessment in Machine Learning based Systems

Machine learning is a field of artificial intelligence (AI) that is beco...

An Input-Aware Mimic Defense Theory and its Practice

The current security problems in cyberspace are characterized by strong ...

Half-Day Vulnerabilities: A study of the First Days of CVE Entries

The National Vulnerability Disclosure Database is an invaluable source o...

A Grounded Theory Based Approach to Characterize Software Attack Surfaces

The notion of Attack Surface refers to the critical points on the bounda...