Sciweavers

SOSP
2007
ACM

SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes

14 years 9 months ago
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes
We propose SecVisor, a tiny hypervisor that ensures code integrity for commodity OS kernels. In particular, SecVisor ensures that only approved code can execute in kernel mode over the entire system lifetime. This protects the kernel against code injection attacks, such as kernel rootkits. SecVisor can achieve this property even against an attacker who controls everything but the CPU, the memory controller, and system memory. Further, SecVisor the attacker could have the knowledge of zero-day kernel exploits. Our design goals for SecVisor are small code size, small external interface, and ease of porting OS kernels. We rely on memory virtualization to build SecVisor and implement two versions, one using software memory virtualization and the other using CPU-supported memory virtualization. The code sizes of the runtime portions of these versions measure 1739 and 1112 lines, respectively. The size of the external interface for both versions of SecVisor is 2 hypercalls. We also port the...
Arvind Seshadri, Mark Luk, Ning Qu, Adrian Perrig
Added 17 Mar 2010
Updated 17 Mar 2010
Type Conference
Year 2007
Where SOSP
Authors Arvind Seshadri, Mark Luk, Ning Qu, Adrian Perrig
Comments (0)