Kernel extensions are widely used by attackers to compromise the operating system kernel. With the presence of various untrusted extensions, it remains a challenging problem to comprehensively preserve the integrity of OS kernels in a practical and generic way. In this paper, we present HUKO, a hypervisor-based integrity protection system designed to protect commodity OS kernels from untrusted extensions. In HUKO system, untrusted kernel extensions can safely run to provide desired functionalities. The behaviors of untrusted extensions, however, are confined by mandatory access control policies, which significantly limit the attacker’s ability to compromise the integrity of the kernel. To guarantee multi-aspect protection and enforcem...
Today’s extensible operating systems allow applications to modify kernel behavior by providing mecha...
One of the main issues in the OS security is providing trusted code execution in an untrusted enviro...
Abstract—Kernel-level keyloggers, which are installed as part of the operating system (OS) with comp...
Operating system kernels present a difficult security challenge. Despite their millions of lines...
Operating system kernels isolate applications from other malicious software via protected memory cr...
A monolithic operating system (OS) - such as Windows or Linux - distinguishes between executi...
The vast majority of hosts on the Internet, including mobile clients, are running one of three commo...
Monolithic kernels have been the traditional design choice of many modern operating systems for prac...
This Ph.D thesis addresses the integrity preservation of current operating systems. The main goal is...
Device drivers on commodity operating systems execute with kernel privilege and have unfettered acce...
Protecting kernel integrity is one of the fundamental security objectives in building a trustworthy...
Kernel rootkits pose significant challenges on defensive techniques as they run at the highest privi...
The OS kernel is typically preassumed as a trusted computing base in most computing systems. However...
An attacker who has gained access to a computer may want to upload or modify configuration files, et...