| General-purpose computing devices, such as personal computers (PCs), and the operating systems that run on them provide more functionality and capabilities than most users will ever want or need. Too much of the burden of keeping these computer systems secure is placed on the end users. Users are often required to keep the operating system, applications, security software, and anti-virus definitions up-to-date. Even with the latest security updates, users are still susceptible to the newest exploits. When a system does become compromised, the process of then restoring it to a usable state can frequently result in the loss of personal data stored on the system. Personal data can often only be recovered through repeated effort and in some cases can never be recovered. Malicious software (malware) is not the only source of problems on a computer system. Software bugs and conflicting software packages can also cause system instability as well as data corruption.;In this dissertation, we present a unique desktop system architecture solution to the pervasive problem of recovering from malware attacks. We demonstrate our architecture with an open source implementation of our Rapid Recovery Desktop system that provides resistance against attack and rapid recovery from broken system state and malware infestation. Our system combines a file server virtual machine (FS-VM), a network virtual machine (NET-VM), a virtual machine contract system, and a virtualization security framework (OSCKAR) to isolate, provide access control, and limit the privileges of applications. We measured the system's performance overhead and evaluated the security and recovery benefits. |
