
SILVER: Fine-Grained and Transparent Protection Domain Primitives in Commodity OS Kernel [chapter]

Xi Xiong, Peng Liu
2013 Lecture Notes in Computer Science  
Untrusted kernel extensions remain one of the major threats to the security of commodity OS kernels.  ...  Moreover, SILVER introduces secure primitives for data communication between protection domains based on a unified integrity model.  ...  Acknowledgements We would like to thank our paper shepherd Andrea Lanzi, the anonymous reviewers and Trent Jaeger, for their helpful comments on earlier versions of this paper.  ... 
doi:10.1007/978-3-642-41284-4_6 fatcat:c2so4magkjhcplrpcm5fs7ivf4

AppGuard: A hardware virtualization based approach on protecting user applications from untrusted commodity operating system

Zili Zha, Min Li, Wanyu Zang, Meng Yu, Songqing Chen
2015 2015 International Conference on Computing, Networking and Communications (ICNC)  
In such situations, a proper way of protecting users' data privacy and integrity at runtime is a paramount task that needs efficient solutions.  ...  However, existing commodity OSes are inevitably vulnerable due to their enormous code base containing a whole bunch of bugs that can be easily exploited by attackers.  ...  It effectively secures the application from Iago attacks. However, it requires kernel modifications which is not practical to commodity operating systems.  ... 
doi:10.1109/iccnc.2015.7069428 dblp:conf/iccnc/ZhaLZYC15 fatcat:ngcaejitbfb4llwrvxtaks63lm

Dancing with Giants: Wimpy Kernels for On-Demand Isolated I/O

Zongwei Zhou, Miao Yu, Virgil D. Gligor
2014 2014 IEEE Symposium on Security and Privacy  
The size and complexity of the wimpy kernel are minimized by safely outsourcing I/O subsystem functions to an untrusted commodity operating system and exporting driver and I/O subsystem code to wimp applications  ...  Using the USB subsystem as a case study, this paper illustrates the dramatic reduction of wimpy-kernel size and complexity; e.g., over 99% of the USB code base is removed.  ...  Conversely, the untrusted OS can use these wimp-OS channels to protect itself from potential buggy wimp behavior or defend against privilege escalation attacks from malicious wimps.  ... 
doi:10.1109/sp.2014.27 dblp:conf/sp/ZhouYG14 fatcat:6hof2a5kwndg3gy2v7ndsnmsli

Efficient Virtualization-Based Application Protection Against Untrusted Operating System

Yueqiang Cheng, Xuhua Ding, Robert H. Deng
2015 Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security - ASIA CCS '15  
In this paper, we present the design and implementation of AppShield, a hypervisor-based approach that reliably safeguards code, data and execution integrity of a critical application, in a more efficient  ...  Commodity monolithic operating systems are abundant with vulnerabilities that lead to rootkit attacks.  ...  This research was funded in the Singapore Management University through a research grant C220/MSS13C005 from the Ministry of Education Academic Research Tier 1.  ... 
doi:10.1145/2714576.2714618 dblp:conf/ccs/ChengDD15 fatcat:mhcm3yzhx5asrhfpzipraguznm

Aurora: Providing Trusted System Services for Enclaves On an Untrusted System [article]

Hongliang Liang, Mingyu Li, Qiong Zhang, Yue Yu, Lin Jiang, Yixiu Chen
2018 arXiv pre-print
To mitigate this problem, we present Aurora, a novel architecture that provides TSSes via a secure channel between enclaves and devices on top of an untrusted system, and implement two types of TSSes,  ...  Intel SGX provisions shielded executions for security-sensitive computation, but lacks support for trusted system services (TSS), such as clock, network and filesystem.  ...  We are grateful to Kai Huang, Shweta Shinde for their feedback and help on Aurora.  ... 
arXiv:1802.03530v1 fatcat:nuuj74brjfchnd7xugubafgmo4

Evolution of Attacks, Threat Models, and Solutions for Virtualized Systems

Daniele Sgandurra, Emil Lupu
2016 ACM Computing Surveys  
of protection strategies to deal with such attacks.  ...  In this work we review the protection strategies proposed in the literature and show how some of the solutions have been invalidated by new attacks, or threat models, that were previously not considered  ...  HUKO [Xiong et al. 2011] is a hypervisor-based integrity protection system designed to protect commodity OS kernels from untrusted extensions by confining their behavior through mandatory access control  ... 
doi:10.1145/2856126 fatcat:hyacg4sfzjhdpmp6es3ki7nqlu

Protecting Cloud Virtual Machines from Hypervisor and Host Operating System Exploits

Shih-Wei Li, John S. Koh, Jason Nieh
2019 USENIX Security Symposium  
We show that HypSec protects the confidentiality and integrity of virtual machines running unmodified guest operating systems while only incurring modest performance overhead for real application workloads  ...  and integrity of virtual machines.  ...  Acknowledgments Steve Bellovin, Christoffer Dall, and Nathan Dautenhahn provided helpful comments on earlier drafts of this paper.  ... 
dblp:conf/uss/LiKN19 fatcat:a567gleronbzvjmfw7lmowr3wi

TrustVisor: Efficient TCB Reduction and Attestation

Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil Gligor, Adrian Perrig
2010 2010 IEEE Symposium on Security and Privacy  
An important security challenge is to protect the execution of security-sensitive code on legacy systems from malware that may infect the OS, applications, or system devices.  ...  We present TrustVisor, a special-purpose hypervisor that provides code integrity as well as data integrity and secrecy for selected portions of an application.  ...  More specifically, our goal is to provide data secrecy and integrity, as well as execution integrity for security-sensitive portions of an application, executing the code in isolation from the OS, untrusted  ... 
doi:10.1109/sp.2010.17 dblp:conf/sp/McCuneLQZDGP10 fatcat:gw3fmn6h5zdubjcvoj7uvxxrke

Enclave-Aware Compartmentalization and Secure Sharing with Sirius [article]

Zahra Tarkhani, Anil Madhavapeddy
2020 arXiv pre-print
We introduce Sirius, the first compartmentalization framework that achieves strong isolation and secure sharing in TEE-assisted applications by controlling the dataflows within primary kernel objects (  ...  This lack of information causes an ever-increasing set of attacks on TEE-enabled applications that exploit various insecure interactions with the host OSs, applications, or other enclaves.  ...  Despite working well for protecting the host OS, they are not designed for pervasive compartmentalization and supporting mutually untrusting kernels running in different privilege levels, as is the case  ... 
arXiv:2009.01869v3 fatcat:bgqsmluzdjdkxliiun6ttijqty

Shielding Applications from an Untrusted Cloud with Haven

Andrew Baumann, Marcus Peinado, Galen Hunt
2015 ACM Transactions on Computer Systems  
We introduce the notion of shielded execution, which protects the confidentiality and integrity of a program and its data from the platform on which it runs (i.e., the cloud operator's OS, VM and firmware  ...  binaries and protecting them from a malicious host.  ...  Acknowledgements We appreciate the assistance and collaboration of Intel Labs, especially Matthew Hoekstra, Simon Johnson, Rebekah Leslie-Hurd, Frank McKeen, Carlos Rozas and Krystof Zmudzinski.  ... 
doi:10.1145/2799647 fatcat:rjkgh6n6brc2ledrzi4nzhfe6y

Lockdown: Towards a Safe and Practical Architecture for Security Applications on Commodity Platforms [chapter]

Amit Vasudevan, Bryan Parno, Ning Qu, Virgil D. Gligor, Adrian Perrig
2012 Lecture Notes in Computer Science  
We investigate a new point in the design space of red/green systems [19, 30], which provide the user with a highly-protected, yet also highly-constrained trusted ("green") environment for performing security-sensitive  ...  Through the design and implementation of the Lockdown architecture, we evaluate whether partitioning, rather than virtualizing, resources and devices can lead to better security or performance for red/  ...  from NSF under awards CCF-0424422 and CNS-0831440.  ... 
doi:10.1007/978-3-642-30921-2_3 fatcat:ir5ku2luunc7zkft3oecx3dvhi

HBSP: A Lightweight Hardware Virtualization Based Framework for Transparent Software Protection in Commodity Operating Systems

Miao Yu, Peijie Yu, Shang Gao, Qian Lin, Min Zhu, Zhengwei Qi
2009 2009 Fourth International Conference on Frontier of Computer Science and Technology  
The focal point in the software protection battle is how to protect effectively versus how to conceal the protector from untrusted OSes.  ...  Commodity operating systems are usually large and complex, leading host-based security tools often provide inadequate protection against malware because execution environment for software is untrusted.  ...  We would like to thank the anonymous reviewers for their thoughtful comments and suggestions.  ... 
doi:10.1109/fcst.2009.45 dblp:conf/fcst/YuYGLZQ09 fatcat:ff5aytguzvg7tdjuz6hlhe3gne

Building a Trustworthy Execution Environment to Defeat Exploits from both Cyber Space and Physical Space for ARM

Le Guan, Chen Cao, Peng Liu, Xinyu Xing, Xinyang Ge, Shengzhi Zhang, Meng Yu, Trent Jaeger
2018 IEEE Transactions on Dependable and Secure Computing  
Rather, it forwards them to the untrusted normal-world OS, and verifies the returns.  ...  In this paper, we propose TrustShadow that provides a comprehensively protected execution environment for unmodified application running on ARM-based IoT devices.  ...  With the design above, TrustShadow protects legacy applications from the untrusted OSes running them.  ... 
doi:10.1109/tdsc.2018.2861756 fatcat:cge7n5y2fbfu5duj6zgqn5gre4

Overshadow

Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger, Dan Boneh, Jeffrey Dwoskin, Dan R.K. Ports
2008 SIGPLAN notices  
To address this limitation, we introduce a virtual-machine-based system called Overshadow that protects the privacy and integrity of application data, even in the event of a total OS compromise.  ...  Thus, Overshadow offers a last line of defense for application data.  ...  For some devices, multi-shadowing can be employed to protect the contents of "physical" device memory from being inspected or modified by untrusted software.  ... 
doi:10.1145/1353536.1346284 fatcat:ajmgnm4ngfd5tanwu7m7vrfgta

Overshadow

Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger, Dan Boneh, Jeffrey Dwoskin, Dan R.K. Ports
2008 Proceedings of the 13th international conference on Architectural support for programming languages and operating systems - ASPLOS XIII  
To address this limitation, we introduce a virtual-machine-based system called Overshadow that protects the privacy and integrity of application data, even in the event of a total OS compromise.  ...  Thus, Overshadow offers a last line of defense for application data.  ...  For some devices, multi-shadowing can be employed to protect the contents of "physical" device memory from being inspected or modified by untrusted software.  ... 
doi:10.1145/1346281.1346284 dblp:conf/asplos/ChenGLSWBDP08 fatcat:mptpkb6vejc5thvwcm54bfoo3q