Sciweavers

ACSAC
2009
IEEE

Protecting Kernel Code and Data with a Virtualization-Aware Collaborative Operating System

Abstract—The traditional virtual machine usage model advocates placing security mechanisms in a trusted VM layer and letting the untrusted guest OS run unaware of the presence of virtualization. In this work we challenge this traditional model and propose a collaboration approach between a virtualization-aware operating system and a VM layer to prevent tampering against kernel code and data. Our integrity model is a relaxed version of Biba’s and the main idea is to have all attempted writes into kernel code and data segments checked for validity at VM level. The OS-VM collaboration bridges the semantic gap between tracing low integrity objects at OS-level (files, processes, modules, allocated areas) and architecture-level (memory and registers). We have implemented this approach in a proof-of-concept prototype and have successfully tested it against 6 rootkits (including a non-control data attack) and 4 real-world benign LKM/drivers. All rootkits were prevented from corrupting kernel...
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2009
Where ACSAC
Authors Daniela Alvim Seabra de Oliveira, Shyhtsun Felix Wu