Publication Type
Conference Proceeding Article
Version
acceptedVersion
Publication Date
2013
Abstract
Personal computers lack of a security foothold to allow the end-users to protect their systems or to mitigate the damage. Existing candidates either rely on a large Trusted Computing Base (TCB) or are too costly to widely deploy for commodity use. To fill this gap, we propose a hypervisor-based security foothold, named as Guardian, for commodity personal computers. We innovate a bootup and shutdown mechanism to achieve both integrity and availability of Guardian. We also propose two security utilities based on Guardian. One is a device monitor which detects malicious manipulation on camera and network adaptors. The other is hyper-firewall whereby Guardian expects incoming and outgoing network packets based on policies specified by the user. We have implemented Guardian (≈ 25K SLOC) and the two utilities (≈ 2.1K SLOC) on a PC with an Intel processor. Our experiments show that Guardian is practical and incurs insignificant overhead to the system.
Discipline
Information Security
Research Areas
Information Security and Trust
Publication
Trust and Trustworthy Computing: 6th International Conference, TRUST 2013, London, UK, June 17-19, 2013. Proceedings
First Page
19
Last Page
36
ISBN
9783642389078
Identifier
10.1007/978-3-642-38908-5_2
Publisher
Springer Verlag
City or Country
London, United Kingdom
Citation
CHENG, Yueqiang and DING, Xuhua.
Guardian: Hypervisor as Security Foothold for Personal Computers. (2013). Trust and Trustworthy Computing: 6th International Conference, TRUST 2013, London, UK, June 17-19, 2013. Proceedings. 19-36.
Available at: https://ink.library.smu.edu.sg/sis_research/1970
Copyright Owner and License
LARC
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
http://dx.doi.org/10.1007/978-3-642-38908-5_2