Towards a VMM-Based Usage Control Framework for OS Kernel Integrity Protection
Source: George Mason University
Protecting kernel integrity is one of the fundamental security objectives in building a trustworthy Operating System (OS). To this end, a variety of approaches and systems have been proposed and developed. However, the access control models used in most of these systems are not expressive enough to capture important security requirements such as continuous policy enforcement and mutable process and object attributes. Even worse, most existing protection mechanisms in these systems reside in the same space as the running OS, so they can be disabled or subverted after an attacker successfully exploits kernel-level vulnerabilities (or features) to compromise the OS kernel. The increasing number of kernel-level rootkit attacks clearly demonstrates this threat.