A Tale of Two Kernels: Towards Ending Kernel Hardening Wars with Split Kernel

Authors: Anil Kurmus, Robby Zippel

DOI: 10.1145/2660267.2660331

Abstract: Software security practitioners are often torn between choosing performance or security. In particular, OS kernels are sensitive to the smallest regressions. This makes it difficult to develop innovative kernel hardening mechanisms: they may inevitably incur some run-time overhead. Here, we propose building each function with and without hardening, within a single split kernel. This allows trusted processes to be run under unmodified code, while system calls of untrusted processes are directed to hardened code. We show such trusted processes run with no overhead when compared to an unmodified kernel. This allows deferring the decision of making use of hardening to run-time. This means distributors, administrators and users can selectively enable hardening according to their needs: we give examples of such cases. Although this approach cannot be directly applied to arbitrary mechanisms, we show cases where it can. Finally, our implementation in Linux requires few changes to the sources and no application source changes. Thus, it is both maintainable and easy to use.
