Because the kernel space lacks a protection mechanism, loadable kernel modules (LKMs) may be exploited through implicit or explicit vulnerabilities, seriously affecting the security of the OS kernel. Although many systems have been developed to address this problem, some challenges remain: a) How can a security policy be generated automatically before enforcement on the kernel module begins? b) How can the interactions between the kernel module and the OS kernel be properly mediated to ensure policy consistency without modifying (or with minimal changes to) the existing OS, hardware, and kernel module structure? In this paper, we present LKMG, a policy-centric system that protects a commodity OS kernel from vulnerable loadable kernel modules. More powerful than previous systems, LKMG is able to generate a security policy from the kernel module and then enforce the policy during the kernel module's execution. The working process of LKMG can be divided into two stages. First, we use static analysis to extract the kernel code and data access patterns from a kernel module's source code, and then combine these patterns with the related memory address information to generate a security policy. Second, by leveraging hardware-based virtualization technology, LKMG isolates the kernel module from the rest of the kernel and then forces the kernel module's execution to obey the derived policy. The experiments show that our system can defend against various loadable kernel module exploitations effectively with moderate performance overhead.