Affiliation:
1. University of Illinois at Urbana-Champaign, USA
2. University of Utah, USA
Abstract
This article presents a systematic study on the security of modern file systems, following a vulnerability-centric perspective. Specifically, we collected 377 file system vulnerabilities committed to the CVE database in the past 20 years. We characterize them from four dimensions: why the vulnerabilities appear, how the vulnerabilities can be exploited, what consequences can arise, and how the vulnerabilities are fixed. This way, we build a deep understanding of the attack surfaces faced by file systems, the threats imposed by the attack surfaces, and the good and bad practices in mitigating the attacks in file systems. We envision that our study will bring insights towards the future development of file systems, the enhancement of file system security, and the relevant vulnerability-mitigating solutions.
Funder
NetApp Faculty Fellowship Award
NSF CAREER Award
Publisher
Association for Computing Machinery (ACM)
Subject
Hardware and Architecture
Reference94 articles.
1. n.d. Apple File System secure encryption mechanism. https://9to5mac.com/2016/06/13/apple-file-system-apfs/
2. n.d. Journaled File System Technology for Linux. http://jfs.sourceforge.net
3. n.d. OpenAFS. https://www.openafs.org
4. n.d. Overview of the Linux Virtual File System. https://www.kernel.org/doc/html/latest/filesystems/vfs.html
5. n.d. ReiserFS. https://en.wikipedia.org/wiki/ReiserFS