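1. Beijing Key Laboratory of Software Security Engineering Technology, Beijing Institute of Technology, Beijing 100081
2. Key Laboratory of IDT Application Technology of Universities in Yunnan Province, Yunnan Minzu University, Kunming 650500, China
3. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093
Dong-hai TIAN (born 1984), male, from Changsha, Hunan; Ph.D.; lecturer at Beijing Institute of Technology. Main research interests: operating system security, virtualization technology, and smart terminal security.
Jun-hua CHEN [corresponding author] (born 1975), male, from Yilong, Sichuan; Ph.D.; associate professor at Yunnan Minzu University. Main research interests: Internet of Things applications and information security. E-mail: chenjunhuabj@163.com.
Xiao-qi JIA (born 1982), male, from Beijing; Ph.D.; associate researcher at the Institute of Information Engineering, Chinese Academy of Sciences. Main research interests: operating system security, cloud computing security, and virtualization technology.
Chang-zhen HU (born 1967), male, from Hanchuan, Hubei; Ph.D.; professor at Beijing Institute of Technology. Main research interests: network security, software security, and pattern recognition.
Online publication date: 2015-11
Print publication date: 2015-11-25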
Dong-hai TIAN, Jun-hua CHEN, Xiao-qi JIA, et al. Design and implementation of a model for OS kernel integrity protection[J]. Journal on Communications, 2015, 36(Z1): 118-125. DOI: 10.11959/j.issn.1000-436x.2015289.
Untrusted kernel extensions are one of the major threats to OS kernel integrity, because once they are loaded into the kernel space they may corrupt both OS kernel data and code at will. To address this problem, a model named MOKIP, based on mandatory access control (MAC), is presented for OS kernel integrity protection. The basic idea of MOKIP is to set different integrity labels for different entities in the kernel space, and then ensure that entities with a low integrity label cannot harm entities with a high integrity label. A prototype system was implemented based on hardware-assisted virtualization technology. The experimental results show that the proposed system is effective at defending against various malicious kernel extension attacks, with a performance overhead of less than 13%.