Towards a diversification framework for operating system protection - UTU Tutkimustietojärjestelmä

A4 Vertaisarvioitu artikkeli konferenssijulkaisussa

Towards a diversification framework for operating system protection

Tekijät: Rauti Sampsa, Holvitie Johannes, Leppänen Ville

Toimittaja: Boris Rachev, Angel Smrikarov

Konferenssin vakiintunut nimi: International conference on computer systems and technologies

Julkaisuvuosi: 2014

Kokoomateoksen nimi: CompSysTech '14 Proceedings of the 15th International Conference on Computer Systems and Technologies

Sarjan nimi: ACM International Conference Proceeding Series

Numero sarjassa: 883

Aloitussivu: 286

Lopetussivu: 293

ISBN: 978-1-4503-2753-4

DOI: https://doi.org/10.1145/2659532.2659642

Tiivistelmä

In order to use resources of a computer, malware has to know the interfaces provided by the operating system. If we make these critical interfaces unique by diversifying the operating system and user applications, a piece of malware can no longer successfully interact with its environment. Diversification can be considered as a computer-specific secret. This paper discusses how this API diversification could be performed. We also study how much work would be needed to diversify the Linux kernel in order to hide the system call interface from malware.