Binary Information Press
Kernel-level attacks, or rootkits, that compromise the security of an operating system are among the most important concerns in system security at present. A variety of solutions have been proposed to defend against these attacks by enforcing data-flow integrity or control-flow integrity of the operating system. However, the added overhead likely makes those approaches unsuitable for many real-world applications. In this paper, the authors present SecEye, a lightweight hypervisor that protects kernel integrity by securely isolating malicious dynamically loadable kernel modules, using hardware virtualization support.