File(s) under permanent embargo
Operating system kernel data disambiguation to support security analysis
conference contribution
posted on 2012-12-31, 00:00 authored by Amani Ibrahim, John Grundy, J Hamlyn-Harris, M Almorsy

It is very challenging to verify the integrity of Operating System (OS) kernel data because of its complex layout. In this paper, we address the problem of systematically generating an accurate kernel data definition for OSes without any prior knowledge of the OS kernel data. This definition accurately reflects the kernel data layout by resolving the pointer-based relations ambiguities between kernel data, in order to support systemic kernel data integrity checking. We generate this definition by performing static points-to analysis on the kernel's source code. We have designed a new points-to analysis algorithm and have implemented a prototype of our system. We have performed several experiments with real-world applications and OSes to prove the scalability and effectiveness of our approach for OS security applications.
History
Event
Network and System Security. International Conference (6th : 2012 : Fujian, China)
Volume
7645
Series
Lecture Notes in Computer Science
Pagination
263 - 276
Publisher
Springer
Location
Fujian, China
Place of publication
Berlin, Germany
Publisher DOI
Start date
2012-11-21
End date
2012-11-23
ISSN
0302-9743
eISSN
1611-3349
ISBN-13
9783642346002
Language
eng
Publication classification
E Conference publication; E1.1 Full written paper - refereed
Copyright notice
2012, Springer
Title of proceedings
NSS 2012 : Proceedings of the 6th International Conference on Network and System Security 2012