Exploiting Software: How to Break Code
Exploiting Software: How to Break Code
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Computer Viruses: from theory to applications (Collection IRIS)
Computer Viruses: from theory to applications (Collection IRIS)
PointguardTM: protecting pointers from buffer overflow vulnerabilities
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
SMM rootkits: a new breed of OS independent malware
Proceedings of the 4th international conference on Security and privacy in communication netowrks
CPU Bugs, CPU Backdoors and Consequences on Security
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Dependable and Historic Computing
Proceedings of ACM SIGPLAN on Program Protection and Reverse Engineering Workshop 2014
| Hi-index | 0.00 |
This article deals with kernel security protection. We propose a characterization of malicious kernel-targeted actions, based on how the way they act to corrupt the kernel. Then, we discuss security measures able to counter such attacks. We finally expose our approach based on hardware-virtualization that is partially implemented into our demonstrator Hytux, which is inspired from bluepill (Rutkowska in subverting vista kernel for fun and profit. In: Black Hat in Las Vegas, 2006), a malware that installs itself as a lightweight hypervisor--on a hardware-virtualization compliant CPU--and puts a running Microsoft Windows Operating System into a virtual machine. However, in contrast with bluepill, Hytux is a lightweight hypervisor that implements protection mechanisms in a more privileged mode than the Linux kernel.