Title :
Protecting Kernel Data through Virtualization Technology
Author :
Tian, Donghai ; Kong, Deguang ; Changzhen, Hu ; Liu, Peng
Author_Institution :
Beijing Inst. of Technol., Beijing, China
Abstract :
Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.
Keywords :
data privacy; operating system kernels; virtual machines; VMhuko protection system; kernel data protection; kernel rootkits; operating system security; trust computing; virtualization technology; Data structures; Emulation; Hardware; Kernel; Linux; Monitoring; Security; protection; rootkits; system security; virtualization;
Conference_Titel :
Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on
Conference_Location :
Venice
Print_ISBN :
978-1-4244-7517-9
Electronic_ISBN :
978-0-7695-4095-5
DOI :
10.1109/SECURWARE.2010.9
