Numerous operating systems have been designed to manage and control system resources with large and complicated features, so they need strong security protection. However, previous security applications cannot provide adequate protection because they run in an untrusted execution environment. Furthermore, these security strategies cannot meet universal, cross-platform system security requirements. This paper presents VASP, a hypervisor-based monitor that provides a trusted execution environment from which to monitor various malicious behaviors in the operating system. This is achieved by taking advantage of x86 hardware virtualization and self-transparency technology, and by providing unified security protection to unmodified operating systems such as Linux and Windows. Our design is targeted at establishing a security monitor that resides completely outside of the target OS environment with negligible overhead. According to the security analysis and performance experiment results, our approach can effectively protect applications and the kernel at a modest overhead of only 0.9% on average in Windows XP and 2.6% on average in Linux.