Kernel Data Integrity Protection via Memory Access Control

Author(s)
Srivastava, Abhinav
Erete, Ikpeme
Giffin, Jonathon
Associated Organization(s)
Organizational Unit
School of Computer Science
School established in 2007
Abstract
Operating system kernels isolate applications from other malicious software via protected memory created by virtual memory management. Even though modern kernels aggregate core kernel code with driver and module components of different provenance, kernel memory remains unified and without isolation. Kernel-level malicious software has full access to the data and operations of all kernel components. In this paper, we create kernel memory protection. We design an access control policy and enforcement system that prevents kernel components with low trust from altering security-critical data used by the kernel to manage its own execution. Our policies are at the granularity of kernel variables and structure elements, and they can protect data dynamically allocated at runtime. Our hypervisor-based design uses memory page protection bits as part of its policy enforcement; the granularity difference between page-level protection and variable-level policies challenges the system’s ability to remain performant. We develop kernel data-layout partitioning and reorganization to maintain kernel performance in the presence of our protections. We show that our system prevents illegitimate alteration of security-critical kernel data at a performance cost of 1–20%. By offering protection for critical kernel data, we guarantee that security utilities relying on the integrity of kernel-level state remain accurate.
Date
2009
Resource Type
Text
Resource Subtype
Technical Report