Show simple item record

dc.contributor.advisorΝταντογιάν, Χριστόφορος
dc.contributor.authorΓεωργόπουλος, Αναστάσιος - Δημήτριος
dc.publisherΠανεπιστήμιο Πειραιώςel
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 Διεθνές*
dc.titleAnalysis & development of DLL-hijacking attacks in Windowsel
dc.typeMaster Thesisel
dc.contributor.departmentΣχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Ψηφιακών Συστημάτωνel
dc.description.abstractENAt runtime execution, the operating system loads data and information from auxiliary components so called libraries in order to complete its full functionality. For more flexibility, Microsoft has implemented the use of DLLs (Dynamic-link libraries) which can be loaded in memory dynamically serving several different applications with one component. Despite this helpful property, the DLLs have an embedded disadvantage: as their call can be done by name, the possibility for a malicious DLL to be loaded instead of the genuine one, it is really high if it is placed at the right directory. In particular, dynamic loading can be hijacked by placing an arbitrary file with the specified name in a directory searched before resolving the target component. In this master thesis, we analyze some of most popular applications as far as DLL loadings are concerned, we present a user interface for easily detecting DLL unsafe loadings and we conclude with their vulnerability to several kinds of attacks. Finally, we suggest a list of programming and system administration rules that are based on our analyses in order to improve the overall security of Windows operating systems.el
dc.contributor.masterΤεχνοοικονομική Διοίκηση και Ασφάλεια Ψηφιακών Συστημάτωνel
dc.subject.keywordWindows (Computer operating systems)el
dc.subject.keywordMicrosoft security mechanismel
dc.subject.keywordDLL (Dynamic-link library)el

Files in this item


This item appears in the following Collection(s)

Show simple item record

Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές
Except where otherwise noted, this item's license is described as
Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές

Βιβλιοθήκη Πανεπιστημίου Πειραιώς
Contact Us
Send Feedback
Created by ELiDOC
Η δημιουργία κι ο εμπλουτισμός του Ιδρυματικού Αποθετηρίου "Διώνη", έγιναν στο πλαίσιο του Έργου «Υπηρεσία Ιδρυματικού Αποθετηρίου και Ψηφιακής Βιβλιοθήκης» της πράξης «Ψηφιακές υπηρεσίες ανοιχτής πρόσβασης της βιβλιοθήκης του Πανεπιστημίου Πειραιώς»