DIGGER: Identifying OS Kernel Objects for Runtime Security Analysis
In operating systems, a running instance of a data structure (data type) is usually referred to as an object. Locating dynamic runtime kernel objects in physical memory is the hardest step toward implementing robust operating system security solutions. In this paper, the authors address the problem of systematically uncovering all dynamic kernel runtime objects of an operating system, without any prior knowledge of the kernel's data layout in memory. They present a new hybrid approach - called DIGGER - that uncovers kernel runtime objects with nearly complete coverage, high accuracy and robust results.