Protecting kernel data through virtualization technology

Donghai Tian; Deguang Kong; Hu Changzhen; Peng Liu

doi:10.1109/SECURWARE.2010.9

Protecting kernel data through virtualization technology

Donghai Tian^*, Deguang Kong, Hu Changzhen, Peng Liu

^*Corresponding author for this work

Pennsylvania State University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.

Original language	English
Title of host publication	Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
Pages	5-10
Number of pages	6
DOIs	https://doi.org/10.1109/SECURWARE.2010.9
Publication status	Published - 2010
Event	4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 - Venice, Italy Duration: 18 Jul 2010 → 25 Jul 2010

Publication series

Name	Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

Conference

Conference	4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
Country/Territory	Italy
City	Venice
Period	18/07/10 → 25/07/10

Keywords

Protection
Rootkits
System security
Virtualization

Access to Document

10.1109/SECURWARE.2010.9

Cite this

Tian, D., Kong, D., Changzhen, H., & Liu, P. (2010). Protecting kernel data through virtualization technology. In Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 (pp. 5-10). Article 5632294 (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010). https://doi.org/10.1109/SECURWARE.2010.9

@inproceedings{53c3c3a0b17a46c1b780f124027c10bd,

title = "Protecting kernel data through virtualization technology",

abstract = "Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.",

keywords = "Protection, Rootkits, System security, Virtualization",

author = "Donghai Tian and Deguang Kong and Hu Changzhen and Peng Liu",

year = "2010",

doi = "10.1109/SECURWARE.2010.9",

language = "English",

isbn = "9780769540955",

series = "Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010",

pages = "5--10",

booktitle = "Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010",

note = "4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 ; Conference date: 18-07-2010 Through 25-07-2010",

}

Tian, D, Kong, D, Changzhen, H & Liu, P 2010, Protecting kernel data through virtualization technology. in Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010., 5632294, Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010, pp. 5-10, 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010, Venice, Italy, 18/07/10. https://doi.org/10.1109/SECURWARE.2010.9

Protecting kernel data through virtualization technology. / Tian, Donghai; Kong, Deguang; Changzhen, Hu et al.
Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. p. 5-10 5632294 (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Protecting kernel data through virtualization technology

AU - Tian, Donghai

AU - Kong, Deguang

AU - Changzhen, Hu

AU - Liu, Peng

PY - 2010

Y1 - 2010

N2 - Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.

AB - Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.

KW - Protection

KW - Rootkits

KW - System security

KW - Virtualization

UR - http://www.scopus.com/inward/record.url?scp=79952059768&partnerID=8YFLogxK

U2 - 10.1109/SECURWARE.2010.9

DO - 10.1109/SECURWARE.2010.9

M3 - Conference contribution

AN - SCOPUS:79952059768

SN - 9780769540955

T3 - Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

SP - 5

EP - 10

BT - Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

T2 - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

Y2 - 18 July 2010 through 25 July 2010

ER -

Tian D, Kong D, Changzhen H, Liu P. Protecting kernel data through virtualization technology. In Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. p. 5-10. 5632294. (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010). doi: 10.1109/SECURWARE.2010.9

Protecting kernel data through virtualization technology

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this