Deakin University

File(s) under permanent embargo

Operating system kernel data disambiguation to support security analysis

conference contribution
posted on 2012-12-31, 00:00 authored by Amani Ibrahim, John Grundy, J Hamlyn-Harris, M Almorsy
It is very challenging to verify the integrity of Operating System (OS) kernel data because of its complex layout. In this paper, we address the problem of systematically generating an accurate kernel data definition for OSes without any prior knowledge of the OS kernel data. This definition accurately reflects the kernel data layout by resolving the ambiguities in pointer-based relations between kernel data, in order to support systemic kernel data integrity checking. We generate this definition by performing static points-to analysis on the kernel's source code. We have designed a new points-to analysis algorithm and have implemented a prototype of our system. We have performed several experiments with real-world applications and OSes to prove the scalability and effectiveness of our approach for OS security applications.

History

Event

Network and System Security. International Conference (6th : 2012 : Fujian, China)

Volume

7645

Series

Lecture Notes in Computer Science

Pagination

263 - 276

Publisher

Springer

Location

Fujian, China

Place of publication

Berlin, Germany

Start date

2012-11-21

End date

2012-11-23

ISSN

0302-9743

eISSN

1611-3349

ISBN-13

9783642346002

Language

eng

Publication classification

E Conference publication; E1.1 Full written paper - refereed

Copyright notice

2012, Springer

Title of proceedings

NSS 2012 : Proceedings of the 6th International Conference on Network and System Security 2012
