Title
Mitigating the lying-endpoint problem in virtualized network access frameworks
Abstract
Malicious root-kits modify the in-memory state of programs executing on an endpoint to hide themselves from security software. Such attacks negatively affect network-based security frameworks that depend on the trustworthiness of endpoint software. In network access control frameworks this issue is called the lying-endpoint problem, where a compromised endpoint spoofs software integrity reports to render the framework untrustworthy. We present a novel architecture called Virtualization-enabled Integrity Services (VIS) to protect the run-time integrity of network-access software in an untrusted environment. We describe the design of a VIS-protected network access stack, and characterize its performance. We show that a network access stack running on an existing operating system can be protected using VIS with less than 5% overhead, even when each network packet causes protection enforcement.
Year: 2007
DOI: 10.1007/978-3-540-75694-1_12
Venue: DSOM
Keywords: virtualized network access framework, run-time integrity, security software, vis-protected network access, network packet, network access control, endpoint software, network-access software, network-based security framework, network access, endpoint spoofs software integrity, lying-endpoint problem, software integration, integrated services, access control, negative affect, operating system, virtualization, virtual memory
Field: Virtualization, Architecture, Computer security, Computer science, Network packet, Lying, Computer network, Software, Enforcement, Network Access Control, Access network, Distributed computing
DocType: Conference
Volume: 4785
ISSN: 0302-9743
ISBN: 3-540-75693-0
Citations: 3
PageRank: 0.48
References: 13
Authors: 4
Name, Order, Citations, PageRank
Ravi Sahita1122.69
Uday R. Savagaonkar231713.13
Prashant Dewan31008.68
David Durham4418.87