TY - GEN
T1 - Protecting kernel data through virtualization technology
AU - Tian, Donghai
AU - Kong, Deguang
AU - Changzhen, Hu
AU - Liu, Peng
PY - 2010/12/1
Y1 - 2010/12/1
N2 - Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.
AB - Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.
UR - http://www.scopus.com/inward/record.url?scp=79952059768&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=79952059768&partnerID=8YFLogxK
U2 - 10.1109/SECURWARE.2010.9
DO - 10.1109/SECURWARE.2010.9
M3 - Conference contribution
AN - SCOPUS:79952059768
SN - 9780769540955
T3 - Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
SP - 5
EP - 10
BT - Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
T2 - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
Y2 - 18 July 2010 through 25 July 2010
ER -