Sciweavers

ASPLOS
2006
ACM

Manitou: a layer-below approach to fighting malware

14 years 6 months ago
Manitou: a layer-below approach to fighting malware
Unbeknownst to many computer users, their machines are running malware. Others are aware that strange software inhabits their machine, but cannot get rid of it. In this paper, we present Manitou, a system that provides users with the ability to assign, track and revoke execution privileges for code, regardless of the integrity and type of operating system the machine is using. Manitou is implemented within a hypervisor and uses the per-page permission bits to ensure that any code contained in an executable page corresponds to authorized code. Manitou authenticates code by taking a cryptographic hash of the content of a page right before executing code contained in that page. Our system guarantees that only authorized code can be run on the system. Categories and Subject Descriptors D.4.6 [Operating Systems]: Security and Protection; K.6.5 [Management of Computing and Information Systems]: Security and Protection General Terms Security, Human Factors Keywords Manitou, malware removal, ...
Lionel Litty, David Lie
Added 13 Jun 2010
Updated 13 Jun 2010
Type Conference
Year 2006
Where ASPLOS
Authors Lionel Litty, David Lie
Comments (0)