Saved in:
Bibliographic Details
Main Authors: Happe, Andreas, Cito, Jürgen
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2405.02106
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866912233897852928
author Happe, Andreas
Cito, Jürgen
author_facet Happe, Andreas
Cito, Jürgen
contents Linux systems are integral to the infrastructure of modern computing environments, necessitating robust security measures to prevent unauthorized access. Privilege escalation attacks represent a significant threat, typically allowing attackers to elevate their privileges from an initial low-privilege account to the all-powerful root account. A benchmark set of vulnerable systems is of high importance to evaluate the effectiveness of privilege-escalation techniques performed by both humans and automated tooling. Analyzing their behavior allows defenders to better fortify their entrusted Linux systems and thus protect their infrastructure from potentially devastating attacks. To address this gap, we developed a comprehensive benchmark for Linux privilege escalation. It provides a standardized platform to evaluate and compare the performance of human and synthetic actors, e.g., hacking scripts or automated tooling.
format Preprint
id arxiv_https___arxiv_org_abs_2405_02106
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Got Root? A Linux Priv-Esc Benchmark
Happe, Andreas
Cito, Jürgen
Cryptography and Security
Linux systems are integral to the infrastructure of modern computing environments, necessitating robust security measures to prevent unauthorized access. Privilege escalation attacks represent a significant threat, typically allowing attackers to elevate their privileges from an initial low-privilege account to the all-powerful root account. A benchmark set of vulnerable systems is of high importance to evaluate the effectiveness of privilege-escalation techniques performed by both humans and automated tooling. Analyzing their behavior allows defenders to better fortify their entrusted Linux systems and thus protect their infrastructure from potentially devastating attacks. To address this gap, we developed a comprehensive benchmark for Linux privilege escalation. It provides a standardized platform to evaluate and compare the performance of human and synthetic actors, e.g., hacking scripts or automated tooling.
title Got Root? A Linux Priv-Esc Benchmark
topic Cryptography and Security
url https://arxiv.org/abs/2405.02106