Protecting kernel code and data with a virtualization-aware collaborative operating system

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn , Issue , 2009, Pages 451-460

  De Oliveira, Daniela Alvim Seabra ^a   Wu, S Felix ^a  

^a University of California   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

DATA SEGMENT; FALSE POSITIVE; KERNEL SPACE; MICROBENCHMARKS; NON-CONTROL DATA ATTACKS; OPERATING SYSTEMS; PERFORMANCE MEASUREMENTS; PROOF OF CONCEPT; REAL-WORLD; ROOTKITS; SECURITY MECHANISM; SEMANTIC GAP; USAGE MODELS; VIRTUAL MACHINES; VIRTUALIZATIONS;

COMPUTER OPERATING SYSTEMS;

COMPUTER APPLICATIONS;

EID: 77950857042     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ACSAC.2009.49     Document Type: Conference Paper

References (55)

1. GCC Hacks in the Linux Kernel (http://www.ibm.com/developerworks/linux/ library/l-gcc-hacks/).
2. Who needs /dev/kmem? (http://lwn.net/Articles/147901/).
3. A. Baliga, V. Ganapathy, and L. Iftode. Automatic Inference and Enforcement of Kernel Data Structure Invariants. Annual Computer Security Applications Conference (ACSAC), pages 77-86, December 2008.
4. A. Baliga and L. Iftode. Automated Containment of Rootkit Attacks. Computer and Security, Elsevier, 2008.
5. A. Baliga, P. Kamat, and L. Iftode. Lurking in the Shadows: Identifying Systemic Threats to Kernel Data. IEEE S&P'07, pages 246-251, May 2007.
6. K. J. Biba. Integrity Considerations for Secure Computer Systems. In MITRE Technical Report TR-3153, Apr 1977.
7. W. Chang, B. Streiff, and C. Lin. Efficient and Extensible Security Enforcement Using Dynamic Data Flow Analysis. ACM CCS, November 2008.
8. H. Chen, X. Wu, L. Yuan, B. Zang, P. chung Yew, and F. T. Chong. From Speculation to Security: Practical and Efficient Information Flow Tracking Using Speculative Hardware. ISCA, June 2008.
9. P. M. Chen and B. D. Noble. When Virtual is Better than Real. HotOS, May 2001.
10. S. Chen, J. Xu, and E. C. Sezer. Non-control-hijacking attacks are realistic threats. In USENIX Security Symposium, 2005.
11. J. Chow, B. Pfaff, T. Garfinkel, and M. Rosenblum. Understanding Data Lifetime via Whole System Simulation. USENIX, 2004.
12. J. R. Crandall and F. T. Chong. Minos: Control Data Attack Prevention Orthogonal to Memory Model. MICRO, pages 221-232, December 2004.
13. F. M. David, E. M. Chan, J. C. Carlyle, and R. H. Campbell. Cloaker: Hardware Supported Rootkit Concealment. IEEE Security and Privacy, pages 296-310, 2008.
14. G. W. Dunlap, S. T. King, S. Cinar, M. A. Basrai, and P. M. Chen. ReVirt: Enabling Intrusion Analysis through Virtual-Machine Logging and Replay. SIGOPS Oper. Syst. Rev., 36(SI):211-224, 2002.
15. P. Ferrie. Attacks on Virtual Machine Emulators. Symantec Advanced Threat Research, 2007.
16. T. Garfinkel, K. Adams, A. Warfield, and J. Franklin. Compatibility is Not Transparency: VMM Detection Myths and Realities. HotOS, 2007.
17. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A Virtual Machine-Based Platform for Trusted Computing. ACM Symposium on Operating Systems Principles, pages 193-206, October 2003.
18. T. Garfinkel and M. Rosenblum. A Virtual Machine Introspection Based Architecture for Intrusion Detection. Network and Distributed System Security Symposium, 2003.
19. J. B. Grizzard. Towards Self-Healing Systems: Re-establishing Trust in Compromised Systems. PhD thesis, Georgia Institute of Technology, May 2006.
20. A. Ho, M. Fetterman, C. Clark, A. Warfield, and S. Hand. Practical taint-based protection using demand emulation. EuroSys, 2006.
21. X. Jiang, X. Wang, and D. Xu. Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction. ACM CCS, pages 128-138, November 2007.
22. S. T. Jones, A. C. Arpaci-Dusseau, and R. H. Arpaci-Dusseau. VMM-based Hidden Process Detection and Identification using Lycosid. ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, 2008.
23. A. Joshi, S. T. King, G. W. Dunlap, and P. M. Chen. Detecting Past and Present Intrusions through Vulnerability-specific Predicates. ACM SOSP, pages 91-104, October 2005.
24. N. L. P. Jr, T. Fraser, and W. A. Arbaugh. Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor. USENIX, 2004.
25. N. L. P. Jr. and M. Hicks. Automated Detection of Persistent Kernel Control-Flow Attacks. ACM CCS, pages 103-115, November 2007.
26. S. T. King, P. M. Chen, Y.-M. Wang, C. Verbowski, H. J. Wang, and J. R. Lorch. SubVirt: Implementing malware with virtual machines. IEEE Security and Privacy, May 2006.
27. L. Litty, H. Lagar-Cavilla, and D. Lie. Hypervisor support for identifying covertly executing binaries. USENIX, 2008.
28. L. Litty and D. Lie. Manitou: a layer-below approach to fighting malware. ASID, October 2006.
29. R. Love. Linux Kernel Development. Novell Press. 2005.
30. J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In NDSS, Feb. 2005.
31. J. Nick L. Petroni, T. Fraser, A. Walters, and W. A. Arbaugh. An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data. USENIX Security, 2006.
32. B. Payne, M. Carbone, M. Sharif, and W. Lee. Lares: An Architecture for Secure Active Monitoring using Virtualization. IEEE Symposium on Security and Privacy, May 2008.
33. F. Qin, C. Wang, Z. Li, H. seop Kim, Y. Zhou, and Y. Wu. LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting Security Attacks. MICRO-39, pages 135-148, December 2006.
34. J. S. Robin and C. E. Irvine. Analysis of the Intel Pentium's ability to support a secure virtual machine monitor. USENIX, 2000.
35. I. Roy, D. E. Porter, M. D. Bond, K. S. McKinley, and E. Witchel. Laminar: Practical Fine-Grained Decentralized Information Flow Control. PLDI, pages 63-74, June 2009.
36. J. Rutkowska. Subverting VistaTM Kernel For Fun And Profit. Black Hat Briefings, 2006.
37. D. X. Ryan Riley, Xuxian Jiang. Guest-Transparent Prevention of Kernel Rootkits with VMM-based Memory Shadowing. RAID, 2008.
38. A. Seshadri, M. Luk, N. Qu, and A. Perrig. SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes. ACM Symposium on Operating Systems Principles (SOSP), October 2007.
39. A. Slowinska and H. Bos. The Age of Data: pinpointing guilty bytes in polymorphic buffer overflows on heap and stack. ACSAC, December 2007.
40. J. E. Smith and R. Nair. Virtual Machines - Versatile Platforms for Systems and Processes. Morgan Kaufmann, 2005.
41. G. E. Suh, J. Lee, and S. Devadas. Secure Program Execution via Dynamic Information Flow Tracking. In Proceedings of ASPLOS-XI, Oct. 2004.
42. O. Tripp, M. Pistoia, S. Fink, M. Sridharan, and O. Weisman. TAJ: Effective Taint Analysis of Web Applications . PLDI, pages 87-97, June 2009.
43. UnixBench (http://www.tux.org/pub/tux/benchmarks/).
44. N. Vachharajani, M. J. Bridges, J. Chang, R. Rangan, G. Ottoni, J. A. Blome, G. A. Reis, M. Vachharajani, and D. I. August. Rifle: An architectural framework for user-centric information-flow security. In Proceedings of the 37th International Symposium on Microarchitecture (MICRO), December 2004.
45. P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel, and G. Vigna. Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. NDSS, 2007.
46. Y.-M. Wang, D. Beck, X. Jiang, R. Roussev, C. Verbowski, S. Chen, and S. King. Automated Web Patrol with Strider HoneyMonkeys: Finding Web Sites That Exploit Browser Vulnerabilities. NDSS, 2006.
47. Y.-M. Wang, D. Beck, B. Vo, R. Roussev, and C. Verbowski. Detecting Stealth Software with Strider GhostBuster. DSN, 2005.
48. J. Wei, B. D. Payne, J. Giffin, and C. Pu. Soft-Timer Driven Transient Kernel Control Flow Attacks and Defense. Annual Computer Security Applications Conference (ACSAC), 2008.
49. M. Xu, X. Jiang, R. Sandhu, and X. Zhang. Towards a VMM-based Usage Control Framework for OS Kernel Integrity Protection. SACMAT, 2007.
50. H. Yin, D. Song, M. Egele, C. Kruegel, and E. Kirda. Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis. ACM CCS 07, pages 116-127, November 2007.
51. N. Zeldovich, H. Kannan, M. Dalton, , and C. Kozyrakis. Hardware Enforcement of Application Security Policies Using Tagged Memory. OSDI, December 2008.
52. bochs: the Open Source IA-32 Emulation Project (http://bochs.sourceforge. net).
53. Linux on-the-fly kernel patching without LKM (http://doc.bughunter.net/ rootkit-backdoor/kernel-patching.html).
54. SourceForge.net: Open Source Software (http://sourceforge.net).
55. SPEC - Standard Performance Evaluation Corporation (http://ftp.spec.org/ cpu2000/CINT2000).