DOI: 10.1145/3195970.3196061
research-article

Hypernel: a hardware-assisted framework for kernel protection without nested paging

Published: 24 June 2018

Abstract

Large OS kernels always suffer from attacks due to their numerous inherent vulnerabilities. To protect the kernel, hypervisors have been employed by many security solutions. However, relying on a hypervisor has a detrimental impact on system performance, due mainly to nested paging. In this paper, we present Hypernel, a security framework combining hardware and software components to address this problem. Hypersec, the software component, provides an isolated execution environment for security solutions, and the hardware monitor component enables a word-granularity monitoring capability on the kernel memory. Our evaluation shows that Hypernel efficiently fulfills the role of a security framework, while imposing a mere 3.1% runtime overhead on the system.

Published In

DAC '18: Proceedings of the 55th Annual Design Automation Conference
June 2018
1089 pages
ISBN: 9781450357005
DOI: 10.1145/3195970

Publisher

Association for Computing Machinery

New York, NY, United States

Conference

DAC '18
DAC '18: The 55th Annual Design Automation Conference 2018
June 24 - 29, 2018
California, San Francisco

Acceptance Rates

Overall Acceptance Rate 1,770 of 5,499 submissions, 32%

Cited By

  • (2024) DScope: To Reliably and Securely Acquire Live Data from Kernel-Compromised ARM Devices. Computer Security – ESORICS 2023. DOI: 10.1007/978-3-031-51482-1_14 (271-289). Online publication date: 11-Jan-2024
  • (2023) Evaluating virtualization for fog monitoring of real-time applications in mixed-criticality systems. Real-Time Systems 59:4. DOI: 10.1007/s11241-023-09410-4 (534-567). Online publication date: 1-Nov-2023
  • (2022) Formal Modeling and Security Analysis for Intra-level Privilege Separation. Proceedings of the 38th Annual Computer Security Applications Conference. DOI: 10.1145/3564625.3567984 (88-101). Online publication date: 5-Dec-2022
  • (2021) A Hardware Platform for Ensuring OS Kernel Integrity on RISC-V. Electronics 10:17. DOI: 10.3390/electronics10172068 (2068). Online publication date: 26-Aug-2021
  • (2019) RiskiM: Toward Complete Kernel Protection with Hardware Support. 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE). DOI: 10.23919/DATE.2019.8715277 (740-745). Online publication date: Mar-2019
