Protecting kernel data through virtualization technology

Donghai Tian, Deguang Kong, Hu Changzhen, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.

Original languageEnglish (US)
Title of host publicationProceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
Pages5-10
Number of pages6
DOIs
StatePublished - Dec 1 2010
Event4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 - Venice, Italy
Duration: Jul 18 2010Jul 25 2010

Publication series

NameProceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

Other

Other4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010
CountryItaly
CityVenice
Period7/18/107/25/10

Fingerprint

Computer operating systems
Security systems
Monitoring
Experiments
Virtualization
Malware

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Information Systems

Cite this

Tian, D., Kong, D., Changzhen, H., & Liu, P. (2010). Protecting kernel data through virtualization technology. In Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010 (pp. 5-10). [5632294] (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010). https://doi.org/10.1109/SECURWARE.2010.9
Tian, Donghai ; Kong, Deguang ; Changzhen, Hu ; Liu, Peng. / Protecting kernel data through virtualization technology. Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. pp. 5-10 (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010).
@inproceedings{f176448d6d82403ca1f00b8ea1243572,
title = "Protecting kernel data through virtualization technology",
abstract = "Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.",
author = "Donghai Tian and Deguang Kong and Hu Changzhen and Peng Liu",
year = "2010",
month = "12",
day = "1",
doi = "10.1109/SECURWARE.2010.9",
language = "English (US)",
isbn = "9780769540955",
series = "Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010",
pages = "5--10",
booktitle = "Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010",

}

Tian, D, Kong, D, Changzhen, H & Liu, P 2010, Protecting kernel data through virtualization technology. in Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010., 5632294, Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010, pp. 5-10, 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010, Venice, Italy, 7/18/10. https://doi.org/10.1109/SECURWARE.2010.9

Protecting kernel data through virtualization technology. / Tian, Donghai; Kong, Deguang; Changzhen, Hu; Liu, Peng.

Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. p. 5-10 5632294 (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Protecting kernel data through virtualization technology

AU - Tian, Donghai

AU - Kong, Deguang

AU - Changzhen, Hu

AU - Liu, Peng

PY - 2010/12/1

Y1 - 2010/12/1

N2 - Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.

AB - Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization renaissance, virtualization technology provides many new ways to improve the system security. Utilizing this new technology, we present a kernel protection system called VMhuko. By monitoring the kernel data access actively, VMhuko can defend the kennel data attacks on the fly. The intensive experiment shows that VMhuko can protect the kernel with moderate performance.

UR - http://www.scopus.com/inward/record.url?scp=79952059768&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79952059768&partnerID=8YFLogxK

U2 - 10.1109/SECURWARE.2010.9

DO - 10.1109/SECURWARE.2010.9

M3 - Conference contribution

AN - SCOPUS:79952059768

SN - 9780769540955

T3 - Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

SP - 5

EP - 10

BT - Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010

ER -

Tian D, Kong D, Changzhen H, Liu P. Protecting kernel data through virtualization technology. In Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010. 2010. p. 5-10. 5632294. (Proceedings - 4th International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2010). https://doi.org/10.1109/SECURWARE.2010.9