Efficient field-sensitive pointer analysis for C
Proceedings of the 5th ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Automatic Inference and Enforcement of Kernel Data Structure Invariants
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Mapping kernel objects to enable systematic integrity checking
Proceedings of the 16th ACM conference on Computer and communications security
Proceedings of the 8th annual IEEE/ACM international symposium on Code generation and optimization
Ensuring operating system kernel integrity with OSck
Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems
Identifying OS kernel objects for run-time security analysis
NSS'12 Proceedings of the 6th international conference on Network and System Security
Operating system kernel data disambiguation to support security analysis
NSS'12 Proceedings of the 6th international conference on Network and System Security
| Hi-index | 0.00 |
Generic pointers scattered around operating system (OS) kernels make the kernel data layout ambiguous. This limits current kernel integrity checking research to covering a small fraction of kernel data. Hence, there is a great need to obtain an accurate kernel data definition that resolves generic pointer ambiguities, in order to formulate a set of constraints between structures to support precise integrity checking. In this paper, we present KDD, a new tool for systematically generating a sound kernel data definition for any C-based OS e.g. Windows and Linux, without any prior knowledge of the kernel data layout. KDD performs static points-to analysis on the kernel’s source code to infer the appropriate candidate types for generic pointers. We implemented a prototype of KDD and evaluated it to prove its scalability and effectiveness.