Link-based data structures, like linked lists and binary trees, play an important role in organizing and maintaining kernel objects. Attackers have a strong motivation to tamper them for various malicious purposes. Although a lot of techniques have been proposed to protect kernel objects from unauthorized modifications, existing methods can hardly be applied to most kernel data structures. In this paper, we design iCruiser, a novel protection mechanism to universally secure the protected data fields in link-based data structures within kernel. iCruiser introduces a secure canary to guard the protected data fields, and it employs a stream cipher to prevent attackers from compromising the canary field. Without the seed key of the stream cipher, attackers can hardly conduct unauthorized modifications to the protected fields without being detected. Furthermore, to monitor the protection status of iCruiser, we employ the execution trace recording technologies to record the execution of iCruiser, which ensures that any attack attempt happening on iCruiser will be traceable and auditable. Through iCruiser, we can easily narrow down the attacking vectors of link-based kernel data structures for attackers. To show the effectiveness, we applied our design on some critical doubly linked lists in Linux kernel and analyzed the performance overhead at the instruction level.