Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Hypervisor Integrity Measurement Assistant
RISE, Swedish ICT, SICS, Computer Systems Laboratory.ORCID iD: 0000-0001-6173-599x
2012 (English)Report (Other academic)
Abstract [en]

An attacker who has gained access to a computer may want to upload or modify configuration files, etc., and run arbitrary programs of his choice. We can severely restrict the power of the attacker by having a white-list of approved file checksums and preventing the kernel from loading loading any file with a bad checksum. The check may be placed in the kernel, but that requires a kernel that is prepared for it. The check may also be placed in a hypervisor which intercepts and prevents the kernel from loading a bad file. We describe the implementation of and give performance results for two systems. In one the checksumming, or integrity measurement, and decision is performed by the hypervisor instead of the OS. In the other only the final integrity decision is done in the hypervisor. By moving the integrity check out from the VM kernel it becomes harder for the intruder to bypass the check. We conclude that it is technically possible to put file integrity control into the hypervisor, both for kernels without and with pre-compiled support for integrity measurement.

Place, publisher, year, edition, pages
Kista, Sweden: Swedish Institute of Computer Science , 2012, 11.
Series
SICS Technical Report, ISSN 1100-3154 ; 2012:06
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-24054OAI: oai:DiVA.org:ri-24054DiVA, id: diva2:1043133
Projects
TESPEVSCNSAvailable from: 2016-10-31 Created: 2016-10-31 Last updated: 2018-08-13Bibliographically approved

Open Access in DiVA

fulltext(394 kB)13 downloads
File information
File name FULLTEXT01.pdfFile size 394 kBChecksum SHA-512
244348bda01af81d761c5edfad518784fa121877eda6ea201dc8147f2dfad02226466a15b72f1264e93de6047db608319b952dad66c9d5d20a4a7bf4f74f83e9
Type fulltextMimetype application/pdf

Authority records BETA

Rasmusson, Lars

Search in DiVA

By author/editor
Rasmusson, Lars
By organisation
Computer Systems Laboratory
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 13 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 24 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.35.2