
Research And Implementation Of Kernel Monitoring Model Based On Virtualization

Posted on: 2016-11-20
Degree: Master
Type: Thesis
Country: China
Candidate: X Huang
Full Text: PDF
GTID: 2308330461956818
Subject: Computer software and theory
Abstract/Summary:
Security monitoring at the kernel level is an important means of protecting operating system security. However, current virtualization-based kernel monitoring models have two main drawbacks: 1) the virtual machine monitor (VMM) is vulnerable to attack because of its non-trivial complexity and considerable attack surface; 2) the VMM executes redundant virtualization functionality, which causes heavy performance loss. In response to these problems, this thesis focuses on kernel monitoring models that use virtualization and aims to improve both security and performance. The main work is as follows:

(1) By analyzing and summarizing existing research on kernel monitoring models and on improving virtualization security, we compared the advantages and disadvantages of these methods. In addition, the virtualization technologies used in kernel monitoring models were summarized; in particular, Intel VT hardware virtualization technology, which this thesis employs, was introduced in detail. On this basis, the requirements of this thesis were clarified: reducing the TCB size of the monitoring model, removing the attack surface of the VMM, and improving the model's performance.

(2) Based on the requirement analysis, we proposed a secure and efficient kernel monitoring model that utilizes hardware virtualization, named HyperNE. In HyperNE, virtualization functionality unrelated to isolation and protection is removed from the VMM, and the guest OS is allowed to perform privileged operations directly without interacting with the VMM. Meanwhile, without sacrificing isolation guarantees, HyperNE uses a newly supported virtualization feature to transfer execution between security monitoring applications and the guest OS in a controlled manner, with no VMM involvement. In this way, HyperNE not only eliminates the attack surface of the VMM and effectively reduces the TCB size of the monitoring model, but also greatly improves system and monitoring performance by avoiding virtualization overheads.

(3) Following the HyperNE model, we carried out the system design and implementation. We then discussed how the HyperNE model meets both the security and performance requirements; the experimental results show that HyperNE monitors efficiently and that the guest OS in HyperNE approaches or even reaches bare-metal performance.
Keywords/Search Tags: kernel monitoring, hardware virtualization, privilege mode switch, attack surface