Transparent Security-Sensitive Process Protection via VMM-Based Process Shadowing

Ensuring the correctness of security sensitive application running on a potentially malicious operating system is an open problem. Existing approaches for protecting a sensitive process are either losing deployment transparency or lack of the inter-process communication ability for the protected process. In this paper, we present a novel approach called shadow process execution (SPE), which can provide security sensitive applications with executing integrity. With the help of virtualization layer, SPE shadows the sensitive application in a separate virtual machine (VM), which significantly removes the complex and potentially malicious software stack from trusted computing base (TCB). At the same time, SPE maintains dynamic runtime protection without application source code. Finally we demonstrate the feasibility of SPE by designing and implementing a prototype system based on KVM hypervisor. And we show the transparent and dynamic feature of SPE by running and protecting a real world encryption utility program.