Securely Isolating Malicious OS Kernel Modules Using Hardware Virtualization Support

Provided by: Binary Information Press
Topic: Security
Format: PDF
Kernel-level attacks or rootkits that compromise the security of an operating system are one of the most important concerns in system security at present. By enforcing data-flow integrity or control-flow integrity of an operating system, a variety of solutions have been proposed to defend against these attacks. However, the added overhead likely makes those approaches unsuitable for many real-world applications. In this paper, the authors present SecEye, a lightweight hypervisor for protecting kernel integrity via securely isolating malicious dynamically loadable kernel modules, using hardware virtualization support.

Find By Topic