Facebook Instagram Twitter RSS Feed PodBean Back to top on side

Kernel Code Integrity Protection Based on a Virtualized Memory Architecture

In: Computing and Informatics, vol. 32, no. 2
J. Sun - H. Chen - Ch. Chang - X. Li

Details:

Year, pages: 2013, 295 - 311
Keywords:
Kernel rootkit, security, integrity protection, virtualization, Harvard architecture
About article:
Kernel rootkits pose significant challenges on defensive techniques as they run at the highest privilege level along with the protection systems. Modern architectural approaches such as the NX protection have been used in mitigating attacks, however determined attackers can still bypass these defenses with specifically crafted payloads. In this paper, we propose a virtualized Harvard memory architecture to address the kernel code integrity problem, which virtually separates the code fetch and data access on the kernel code to prevent kernel from code modifications. We have implemented the proposed mechanism in commodity operating system, and the experimental results show that our approach is effective and incurs very low overhead
How to cite:
ISO 690:
Sun, J., Chen, H., Chang, C., Li, X. 2013. Kernel Code Integrity Protection Based on a Virtualized Memory Architecture. In Computing and Informatics, vol. 32, no.2, pp. 295-311. 1335-9150.

APA:
Sun, J., Chen, H., Chang, C., Li, X. (2013). Kernel Code Integrity Protection Based on a Virtualized Memory Architecture. Computing and Informatics, 32(2), 295-311. 1335-9150.