Concurrent programs have become pervasive and critical because of the move to multicore processors and deployment of large-scale distributed systems. These programs continue to remain difficult to write, test, and debug than sequential versions, and this impediment has led to subtle and serious errors in concurrent programs.
Just as errors in sequential programs can lead to security exploits, concurrency errors may lead to concurrency attacks which allow attackers to violate confidentiality, integrity and availablity of systems. To defend against these attacks, we need to better understand concurrency errors and how they can or have been exploited.
Questions such as whether these attacks are feasible and what characteristics they have remain largely unknown.
This paper presents a preliminary study of concurrency attacks and the security implications of real world concurrency errors. Our study yields several interesting findings.
For instance, we observe that the exploitability of a concurrency error depends on the duration of the timing window within which the error may occur. We further observe that attackers can increase this window through carefully crafted inputs.
We also find that four out of five commonly used sequential defenses become unsafe when applied to concurrent programs. Based on our findings, we propose new defense directions and fixes to existing defenses.
To read this external content in full, download complete article from the USENIX.org conference papers archives .