Kernel Data Integrity Protection via Memory Access Control
Operating system kernels isolate applications from other malicious software via protected memory created by virtual memory management. Even though modern kernels aggregate core kernel code with driver and module components of different provenance, kernel memory remains unified and without isolation. Kernel-level malicious software has full access to the data and operations of all kernel components. In this paper, we create kernel memory protection. We design an access control policy and enforcement system that prevents kernel components with low trust from altering security-critical data used by the kernel to manage its own execution. Our policies are at the granularity of kernel variables and structure elements, and they can protect data dynamically allocated at runtime. Our hypervisor-based design uses memory page protection bits as part of its policy enforcement; the granularity difference between page-level protection and variable-level policies challenges the system’s ability to remain performant. We develop kernel data-layout partitioning and reorganization to maintain kernel performance in the presence of our protections. We show that our system prevents illegitimate alteration of security-critical kernel data at a performance cost of 1–20%. By offering protection for critical kernel data, we guarantee that security utilities relying on the integrity of kernel-level state remain accurate.