Protecting kernel data through virtualization technology

Donghai Tian, Deguang Kong, Hu Changzhen, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.

Original languageEnglish (US)
Title of host publicationProceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
Pages5-10
Number of pages6
DOIs
StatePublished - Dec 1 2010
Event4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 - Venice, Italy
Duration: Jul 18 2010Jul 25 2010

Publication series

NameProceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

Other

Other4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
CountryItaly
CityVenice
Period7/18/107/25/10

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Information Systems

Cite this

Tian, D., Kong, D., Changzhen, H., & Liu, P. (2010). Protecting kernel data through virtualization technology. In Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 (pp. 5-10). [5632294] (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010). https://doi.org/10.1109/SECURWARE.2010.9