Abstract |
---|
Malicious root-kits modify the in-memory state of programs executing on an endpoint to hide themselves from security software. Such attacks negatively affect network-based security frameworks that depend on the trustworthiness of endpoint software. In network access control frameworks this issue is called the lying-endpoint problem, where a compromised endpoint spoofs software integrity reports to render the framework untrustworthy. We present a novel architecture called Virtualization-enabled Integrity Services (VIS) to protect the run-time integrity of network-access software in an untrusted environment. We describe the design of a VIS-protected network access stack, and characterize its performance. We show that a network access stack running on an existing operating system can be protected using VIS with less than 5% overhead, even when each network packet causes protection enforcement. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1007/978-3-540-75694-1_12 | DSOM |

Keywords | Field | DocType |
---|---|---|
virtualized network access framework, run-time integrity, security software, vis-protected network access, network packet, network access control, endpoint software, network-access software, network-based security framework, network access, endpoint spoofs software integrity, lying-endpoint problem, software integration, integrated services, access control, negative affect, operating system, virtualization, virtual memory | Virtualization, Architecture, Computer security, Computer science, Network packet, Lying, Computer network, Software, Enforcement, Network Access Control, Access network, Distributed computing | Conference |

Volume | ISSN | ISBN |
---|---|---|
4785 | 0302-9743 | 3-540-75693-0 |

Citations | PageRank | References |
---|---|---|
3 | 0.48 | 13 |
Authors |
---|
4 |

Name | Order | Citations | PageRank |
---|---|---|---|
Ravi Sahita | 1 | 12 | 2.69 |
Uday R. Savagaonkar | 2 | 317 | 13.13 |
Prashant Dewan | 3 | 100 | 8.68 |
David Durham | 4 | 41 | 8.87 |