Analysis & development of DLL-hijacking attacks in Windows
| dc.contributor.advisor | Νταντογιάν, Χριστόφορος | |
| dc.contributor.author | Γεωργόπουλος, Αναστάσιος - Δημήτριος | |
| dc.date.accessioned | 2017-02-07T09:38:24Z | |
| dc.date.available | 2017-02-07T09:38:24Z | |
| dc.date.issued | 2016-02 | |
| dc.identifier.uri | https://dione.lib.unipi.gr/xmlui/handle/unipi/9413 | |
| dc.format.extent | 110 | el |
| dc.language.iso | en | el |
| dc.publisher | Πανεπιστήμιο Πειραιώς | el |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές | * |
| dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/4.0/ | * |
| dc.title | Analysis & development of DLL-hijacking attacks in Windows | el |
| dc.type | Master Thesis | el |
| dc.contributor.department | Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Ψηφιακών Συστημάτων | el |
| dc.description.abstractEN | At runtime execution, the operating system loads data and information from auxiliary components so called libraries in order to complete its full functionality. For more flexibility, Microsoft has implemented the use of DLLs (Dynamic-link libraries) which can be loaded in memory dynamically serving several different applications with one component. Despite this helpful property, the DLLs have an embedded disadvantage: as their call can be done by name, the possibility for a malicious DLL to be loaded instead of the genuine one, it is really high if it is placed at the right directory. In particular, dynamic loading can be hijacked by placing an arbitrary file with the specified name in a directory searched before resolving the target component. In this master thesis, we analyze some of most popular applications as far as DLL loadings are concerned, we present a user interface for easily detecting DLL unsafe loadings and we conclude with their vulnerability to several kinds of attacks. Finally, we suggest a list of programming and system administration rules that are based on our analyses in order to improve the overall security of Windows operating systems. | el |
| dc.contributor.master | Τεχνοοικονομική Διοίκηση και Ασφάλεια Ψηφιακών Συστημάτων | el |
| dc.subject.keyword | Windows (Computer operating systems) | el |
| dc.subject.keyword | Microsoft security mechanism | el |
| dc.subject.keyword | DLL (Dynamic-link library) | el |
Αρχεία σε αυτό το τεκμήριο
Αυτό το τεκμήριο εμφανίζεται στις ακόλουθες συλλογές
-
Τμήμα Ψηφιακών Συστημάτων
Department of Digital Systems
Εκτός από όπου διευκρινίζεται διαφορετικά, το τεκμήριο διανέμεται με την ακόλουθη άδεια:
Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές
Attribution-NonCommercial-NoDerivatives 4.0 Διεθνές