[PDF][PDF] Preventing Kernel Hacks with HAKCs.
Commodity operating system kernels remain monolithic for practical and historical reasons.
All kernel code shares a single address space, executes with elevated processor privileges …
All kernel code shares a single address space, executes with elevated processor privileges …
{KSplit}: Automating device driver isolation
Researchers have shown that recent CPU extensions support practical, low-overhead driver
isolation to protect kernels from defects and vulnerabilities in device drivers. With …
isolation to protect kernels from defects and vulnerabilities in device drivers. With …
Software and cyber security-a survey
刘剑, 苏璞睿, 杨珉, 和亮, 张源, 朱雪阳, 林惠民 - Journal of Software, 2017 - jos.org.cn
互联网已经渗入人类社会的各个方面, 极大地推动了社会进步. 与此同时, 各种形式的网络犯罪,
网络窃密等问题频繁发生, 给社会和国家安全带来了极大的危害. 网络安全已经成为公众和政府 …
网络窃密等问题频繁发生, 给社会和国家安全带来了极大的危害. 网络安全已经成为公众和政府 …
[PDF][PDF] Collaboro: a collaborative (meta) modeling tool
JLC Izquierdo, J Cabot - PeerJ Computer Science, 2016 - peerj.com
Motivation Scientists increasingly rely on intelligent information systems to help them in their
daily tasks, in particular for managing research objects, like publications or datasets. The …
daily tasks, in particular for managing research objects, like publications or datasets. The …
FlexOS: towards flexible OS isolation
At design time, modern operating systems are locked in a specific safety and isolation
strategy that mixes one or more hardware/software protection mechanisms (eg user/kernel …
strategy that mixes one or more hardware/software protection mechanisms (eg user/kernel …
Secure and efficient multi-variant execution using hardware-assisted process virtualization
Memory error exploits rank among the most serious security threats. Of the plethora of
memory error containment solutions proposed over the years, most have proven to be too …
memory error containment solutions proposed over the years, most have proven to be too …
Rio: a system solution for sharing i/o between mobile systems
Mobile systems are equipped with a diverse collection of I/O devices, including cameras,
microphones, sensors, and modems. There exist many novel use cases for allowing an …
microphones, sensors, and modems. There exist many novel use cases for allowing an …
Lightweight kernel isolation with virtualization and VM functions
Commodity operating systems execute core kernel subsystems in a single address space
along with hundreds of dynamically loaded extensions and device drivers. Lack of isolation …
along with hundreds of dynamically loaded extensions and device drivers. Lack of isolation …
Dancing with giants: Wimpy kernels for on-demand isolated i/o
To be trustworthy, security-sensitive applications must be formally verified and hence small
and simple, ie, wimpy. Thus, they cannot include a variety of basic services available only in …
and simple, ie, wimpy. Thus, they cannot include a variety of basic services available only in …
Flexos: Making os isolation flexible
H Lefeuvre, VA Bădoiu, Ş Teodorescu… - Proceedings of the …, 2021 - dl.acm.org
OS design is traditionally heavily intertwined with protection mechanisms. OSes statically
commit to one or a combination of (1) hardware isolation,(2) runtime checking, and (3) …
commit to one or a combination of (1) hardware isolation,(2) runtime checking, and (3) …