Title :
Towards Thwarting Data Leakage with Memory Page Access Interception
Author :
Yan Wen ; Jinjing Zhao ; Hua Chen
Author_Institution :
Beijing Inst. of Syst. Eng., Beijing, China
Abstract :
Data leakage prevention has recently become the most important concern for both personal users and corporate users. Most existing feasible data leakage preventers are built with the Dynamic Binary Instrumentation (DBI) technology. Such mechanism suffers from poor application compatibility issue, especially for the large scale ones. In this paper, we propose Gemini, an instrumentation-free approach, to track data propagation dynamically and then prevent data leakage. Gemini leverages the page fault interrupt mechanism of the operating system, instead of DBI, to track memory page accesses, and then thwart the data leakage. As a result, Gemini is application transparent, i.e., it solves the application compatibility issue. Besides, Gemini is implemented on the most prevalent operating system-Windows, while most of previous approaches are built on Linux. Our evaluation results demonstrate Gemini´s feasibility and effectiveness.
Keywords :
interrupts; operating systems (computers); security of data; storage management; Gemini; Windows; data leakage prevention; data propagation tracking; instrumentation-free approach; memory page access interception; memory page access tracking; operating system; page fault interrupt mechanism; thwarting data leakage; Data transfer; File systems; Information filtering; Kernel; Monitoring; Program processors; Registers; Windows; data leakage; memory access tracking; page fault;
Conference_Titel :
Dependable, Autonomic and Secure Computing (DASC), 2014 IEEE 12th International Conference on
Conference_Location :
Dalian
Print_ISBN :
978-1-4799-5078-2
DOI :
10.1109/DASC.2014.14
