Please use this identifier to cite or link to this item: https://doi.org/10.1007/978-3-642-16161-2_10
Title: Transparent protection of commodity OS kernels using hardware virtualization
Authors: Grace, M.
Wang, Z.
Srinivasan, D.
Li, J.
Jiang, X.
Liang, Z. 
Liakh, S.
Keywords: Harvard architecture
Split memory
Virtualization
Issue Date: 2010
Source: Grace, M.,Wang, Z.,Srinivasan, D.,Li, J.,Jiang, X.,Liang, Z.,Liakh, S. (2010). Transparent protection of commodity OS kernels using hardware virtualization. Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering 50 LNICST : 162-180. ScholarBank@NUS Repository. https://doi.org/10.1007/978-3-642-16161-2_10
Abstract: Kernel rootkits are among the most insidious threats to computer security today. By employing various code injection techniques, they are able to maintain an omnipotent presence in the compromised OS kernels. Existing preventive countermeasures typically employ virtualization technology as part of their solutions. However, they are still limited in either (1) requiring modifying the OS kernel source code for the protection or (2) leveraging software-based vir-tualization techniques such as binary translation with a high overhead to implement a Harvard architecture (which is robust to various code injection techniques used by kernel rootkits). In this paper, we introduce hvmHarvard, a hardware virtualization-based Harvard architecture that transparently protects commodity OS kernels from kernel rootkit attacks and significantly reduces the performance overhead. Our evaluation with a Xen-based prototype shows that it can transparently protect legacy OS kernels with rootkit resistance while introducing < 5% performance overhead.© Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering 2010.
Source Title: Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
URI: http://scholarbank.nus.edu.sg/handle/10635/78406
ISBN: 364216160X
ISSN: 18678211
DOI: 10.1007/978-3-642-16161-2_10
Appears in Collections:Staff Publications

Show full item record
Files in This Item:
There are no files associated with this item.

SCOPUSTM   
Citations

7
checked on Feb 12, 2018

Page view(s)

27
checked on Feb 16, 2018

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.