The Linux kernel’s Out-of-Memory (OOM) killer ensures system stability by terminating processes when memory is exhausted, but its heuristic-based design was not built for adversarial contexts. This thesis introduces OOM Confusion Attacks, a novel class of Denial of Service (DoS) attacks that exploit the OOM killer to execute privileged process termination, targeting critical services rather than attacker processes. By orchestrating memory exhaustion through numerous unprivileged processes, these attacks may kill target applications, block service recovery, and destabilize systems. We demonstrate the feasibility of OOM Confusion Attacks on default Linux configurations commonly used by cloud providers, formulate and quantify the resource constraints for success, and evaluate application exposure to OOM Confusion Attacks. Additionally, we identify race conditions that can be exploited to block the startup and recovery of privileged services. To mitigate these threats, we propose strategies to increase the resilience of critical applications.
L’ OOM (Out-of-Memory) killer del kernel Linux garantisce la stabilità del sistema terminando i processi quando la memoria è esaurita, ma il suo design basato su euristiche non è stato concepito per contesti avversariali. Questa tesi introduce gli OOM Confusion Attacks, una nuova classe di attacchi Denial of Service (DoS) che sfruttano l’OOM killer per ottenere la terminazione di processi privilegiati, invece dei processi dell’attaccante. Orchestrando l’esaurimento della memoria tramite numerosi processi non privilegiati, questi attacchi possono eliminare applicazioni crtitiche, bloccare l’avviamento e il recupero di servizi privilegiati e destabilizzare i sistemi. Dimostriamo la fattibilità degli OOM Confusion Attacks su configurazioni di default di Linux comunemente utilizzate dai fornitori di servizi cloud, formuliamo e quantifichiamo i vincoli di risorse necessari per il successo e valutiamo l’esposizione delle applicazioni a tali attacchi. Inoltre, identifichiamo race conditions che possono essere sfruttate per impedire l’avviamento di servizi privilegiati. Per mitigare queste minacce, proponiamo strategie per aumentare la resilienza delle applicazioni critiche.
Linux hurt itself in its confusion! Exploiting Out-of-Memory Killer for Confusion Attacks via heuristic manipulation
Bossi, Lorenzo
2023/2024
Abstract
The Linux kernel’s Out-of-Memory (OOM) killer ensures system stability by terminating processes when memory is exhausted, but its heuristic-based design was not built for adversarial contexts. This thesis introduces OOM Confusion Attacks, a novel class of Denial of Service (DoS) attacks that exploit the OOM killer to execute privileged process termination, targeting critical services rather than attacker processes. By orchestrating memory exhaustion through numerous unprivileged processes, these attacks may kill target applications, block service recovery, and destabilize systems. We demonstrate the feasibility of OOM Confusion Attacks on default Linux configurations commonly used by cloud providers, formulate and quantify the resource constraints for success, and evaluate application exposure to OOM Confusion Attacks. Additionally, we identify race conditions that can be exploited to block the startup and recovery of privileged services. To mitigate these threats, we propose strategies to increase the resilience of critical applications.| File | Dimensione | Formato | |
|---|---|---|---|
|
2025_04_Bossi_Tesi.pdf
accessibile in internet solo dagli utenti autorizzati
Descrizione: Tesi
Dimensione
1.05 MB
Formato
Adobe PDF
|
1.05 MB | Adobe PDF | Visualizza/Apri |
|
2025_04_Bossi_Executive_Summary.pdf
accessibile in internet solo dagli utenti autorizzati
Descrizione: Executive Summary
Dimensione
442.35 kB
Formato
Adobe PDF
|
442.35 kB | Adobe PDF | Visualizza/Apri |
I documenti in POLITesi sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/10589/234784