Version v.002
lecture: Kernel exploitation and hardening: why we could have nice things!
Many proposed kernel hardening features come at the expense of performance or usability. This limits their possible widespread adoption. But could you have your cake and eat it too?
This talk will start with a brief introduction on kernel exploitation and hardening. Then we'll move on to show why we could have nice things, by making kernel hardening dynamic through split kernel, a research project we pursue.
Many proposed kernel hardening features come at the expense of performance or usability. This limits their possible widespread adoption. But could you have your cake and eat it too?
This talk will start with a brief introduction on kernel exploitation and hardening. Then we'll move on to show why we could have nice things, by making kernel hardening dynamic through split kernel, a research project we pursue.
Split kernel makes use of a new way of compiling kernels. Each kernel function is built with and without hardening. In particular, this allows trusted processes to be run under unmodified kernel code, while system calls of untrusted processes are directed to the hardened kernel code. Such trusted processes run with no overhead when compared to an unmodified kernel. This allows deferring the decision of making use of hardening to the runtime. Therefore, kernel distributors, system administrators and users can selectively enable hardening according to their needs. This approach comes with limitations, in particular it cannot be directly applied to arbitrary kernel hardening mechanisms: I will show cases where it can, with a demo of a kernel exploit with the hardening dynamically turned on and off.
Info
Day:
2016-09-09
Start time:
21:00
Duration:
01:00
Room:
Tesla
Links:
Feedback
Click here to let us know how you liked this event.
Concurrent events
Speakers
 |
Anil Kurmus |