Version v.002

Speaker: Anil Kurmus


Anil Kurmus is a Systems Security Researcher at IBM Research in Zurich. He holds a master degree from Telecom Paristech and Eurecom, and a PhD degree from TU Braunschweig. He authored over 20 papers and patents in the areas of systems security and applied cryptography in well-known academic conferences.

Kernel exploitation and hardening: why we could have nice things!

Many proposed kernel hardening features come at the expense of performance or usability. This limits their possible widespread adoption. But could you have your cake and eat it too?

This talk will start with a brief introduction on kernel exploitation and hardening. Then we'll move on to show why we could have nice things, by making kernel hardening dynamic through split kernel, a research project we pursue.

Split kernel makes use of a new way of compiling kernels. Each kernel function is built with and without hardening. In particular, this allows trusted processes to be run under unmodified kernel code, while system calls of untrusted processes are directed to the hardened kernel code. Such trusted processes run with no overhead when compared to an unmodified kernel. This allows deferring the decision of making use of hardening to the runtime. Therefore, kernel distributors, system administrators and users can selectively enable hardening according to their needs. This approach comes with limitations, in particular it cannot be directly applied to arbitrary kernel hardening mechanisms: I will show cases where it can, with a demo of a kernel exploit with the hardening dynamically turned on and off.