Hypernel: A Hardware-Assisted Framework for Kernel Protection without Nested Paging

机译：Hypernel：一种无嵌套分页的硬件辅助框架保护框架

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
引文网络
相似文献
相关主题

摘要

Large OS kernels always suffer from attacks due to their numerous inherent vulnerabilities. To protect the kernel, hypervisors have been employed by many security solutions. However, relying on a hypervisor has a detrimental impact on the system performance due mainly to nested paging. In this paper, we present Hypernel, a security framework combining hardware and software components to address this problem. Hypersec, the software component, provides an isolated execution environment for security solutions, and the hardware monitor component enables a word-granularity monitoring capability on the kernel memory. Our evaluation shows that Hypernel efficiently fulfills the role of a security framework, while imposing mere 3.1% of runtime overhead on the system.

机译：大型OS内核由于其固有的众多漏洞而总是遭受攻击。为了保护内核，许多安全解决方案都采用了管理程序。但是，依赖于虚拟机管理程序对系统性能有不利影响，这主要是由于嵌套的分页。在本文中，我们介绍了Hypernel，这是一个结合了硬件和软件组件的安全框架来解决此问题。 Hypersec（软件组件）为安全解决方案提供了隔离的执行环境，而硬件监视器组件则启用了内核内存上的字粒度监视功能。我们的评估表明，Hypernel有效地履行了安全框架的角色，同时仅对系统施加了3.1％的运行时开销。

著录项

来源
《2018 55th ACM/ESDA/IEEE Design Automation Conference》|2018年|1-6|共6页
会议地点 San Francisco(US)
作者
Donghyun Kwon; Kuenwhee Oh; Junmo Park; Seungyong Yang; Yeongpil Cho; Brent Byunghoon Kang; Yunheung Paek;
展开▼
作者单位

Seoul National University;

KAIST;

Seoul National University;

KAIST;

Soongsil University;

KAIST;

Seoul National University;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类
关键词
Kernel; Security; Monitoring; Virtual machine monitors; Hardware; Registers;

机译：内核;安全性;监视;虚拟机监视器;硬件;寄存器;;

相似文献

外文文献
中文文献
专利

1. Agile Paging: Exceeding the Best of Nested and Shadow Paging [J] . Jayneel Gandhi, Mark D. Hill, Michael M. Swift Computer architecture news . 2016,第3期

机译：敏捷分页：超越嵌套和阴影分页的最佳标准
2. KI-Mon ARM: A Hardware-Assisted Event-triggered Monitoring Platform for Mutable Kernel Object [J] . Lee Hojoon, Moon Hyungon, Heo Ingoo, IEEE transactions on dependable and secure computing . 2019,第2期

机译：KI-Mon ARM：可变内核对象的硬件辅助事件触发监视平台
3. KI-Mon ARM: A Hardware-Assisted Event-triggered Monitoring Platform for Mutable Kernel Object [J] . Lee Hojoon, Moon Hyungon, Heo Ingoo, IEEE transactions on dependable and secure computing . 2019,第2期

机译：Ki-Mon ARM：用于可变内核对象的硬件辅助事件触发的监控平台
4. Hypernel: A Hardware-Assisted Framework for Kernel Protection without Nested Paging [C] . Donghyun Kwon, Kuenwhee Oh, Junmo Park, ACM/ESDA/IEEE Design Automation Conference . 2018

机译：Hypernel：没有嵌套寻呼的硬件辅助框架，用于内核保护
5. HEF: A Hardware-Assisted Security Evaluation Framework [D] . Kyung, Sukwha. 2017

机译：HEF：硬件辅助的安全评估框架
6. Genetic Architecture of Maize Kernel Composition in the Nested Association Mapping and Inbred Association Panels [O] . Jason P. Cook, Michael D. McMullen, James B. Holland, 2012

机译：巢式关联映射和自交系面板中玉米籽粒组成的遗传结构
7. A nested alignment graph kernel through the dynamic time warping framework [O] . Bai, Lu, Rossi, Luca, Cui, Lixin, 2017

机译：通过动态时间规整框架的嵌套对齐图内核
8. Detecting Hardware-assisted Hypervisor Rootkits within Nested Virtualized Environments. [R] . Morabito, D. B. 2012

机译：在嵌套虚拟化环境中检测硬件辅助的管理程序Rootkit。

Hypernel: A Hardware-Assisted Framework for Kernel Protection without Nested Paging

摘要

著录项

引文网络

相似文献

相关主题

期刊订阅