Title :
OSISS: An operating system integrity surveillance system based on VMM
Author :
Liu, Wei ; Li, Xun ; Huang, Wei ; Huang, Hao ; Chen, Zhixian
Author_Institution :
Nat. Key Lab. for Novel Software, Nanjing Univ., Nanjing, China
Abstract :
Kernel-level attacks can compromise the security of an operating system by tampering with key data and control flow in the kernel. Current approaches defend against these attacks by applying data integrity or control flow integrity control methods. However, they focus on only a certain aspect and cannot give a complete integrity monitoring solution. This paper tries our best to find out all resorts that violate the kernel integrity of operating system by analyzing what objects an action of the kernel relies on and affects. Then we examine all these objects to avoid them from being tamped with and also monitor whether the effect of an action of the kernel is the same as the semantics specified by the original design. Our operating system integrity surveillance system (OSISS) is implemented in a virtual machine monitor (VMM) and it can detect abnormity of an action by monitoring the data integrity and control flow integrity with acceptable performance loss.
Keywords :
data integrity; operating system kernels; security of data; virtual machines; OSISS; VMM; control flow integrity control methods; data integrity; kernel-level attacks; operating system integrity surveillance system; operating system kernel integrity; operating system security; virtual machine monitor; Kernel; Monitoring; Registers; Security; Semantics; Virtual machine monitors;
Conference_Titel :
Computer Science and Service System (CSSS), 2011 International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-9762-1
DOI :
10.1109/CSSS.2011.5973957
