% abstract.tex
\subsection*{Abstract}
%Virtual machines (VMs) are widely used in practice, in part for their ability to
%isolate potentially untrusted code from the rest of a system.
%Recently, library OSes and containers have also presented promising security options.
%
%However, it is often possible to trigger zero-day flaws
%in the host Operating System (OS) from inside of such virtualized systems.
%
%In this paper, we offer a new insight about where security bugs lie. By observing that the OS kernel paths accessed
%by popular applications in everyday use contain significantly fewer security bugs than less-used paths,
%we devise a design that allows applications to run more securely in VMs on top of a vulnerable host OS.
%Furthermore, we
%leverage this observation to devise the \lip design, which
%\textbf{\textit{locks}} an application, and the POSIX implementation that services it, into
%accessing only the well-used \textbf{\textit{popular}} portion of the kernel. Using the \lip model, we
%implement a prototype virtual machine called Lind.
%
%We compare Lind and three other virtualized systems that were
%available at the release of Linux kernel version 3.14.1, and evaluate
%their effectiveness in containing the zero-day kernel bugs that have been discovered
%since then.
%
%Our results show that Lind can prevent the triggering of zero-day kernel bugs significantly better
%than an existing library OS (Graphene) and containers such as Docker and LXC.
Virtual machines (VMs) that try to isolate untrusted code are widely used in practice.
However, it is often possible to trigger zero-day flaws
in the host Operating System (OS) from inside of such virtualized systems.
%
In this paper, we propose a new security metric showing a strong correlation between ``popular paths''
and kernel vulnerabilities. We verified that the OS kernel paths accessed
by popular applications in everyday use contain significantly fewer security bugs than less-used paths. We then demonstrate that this observation is
practically useful by building a prototype system which \textit{locks} an
application into only using \textit{popular} OS kernel paths. By doing so, we
show that we can prevent the triggering of zero-day kernel bugs
significantly better than three other competing approaches, and argue that
this is a practical approach to secure system design.
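The metric and the lock described above, as an added illustration that is not part of the paper's own code or data: the kernel function names, the "popular" coverage set and the bug records are constructed sample values, and the density and lock functions are hypothetical simplifications of the approach.

```python
# Added illustration of the "popular paths" metric and the lock described in the
# abstract. All kernel-function names and bug records below are constructed
# sample data, not measurements from the paper.
from collections import Counter

# Constructed coverage: kernel functions reached by popular applications in
# everyday use (the "popular paths").
POPULAR_PATHS = {"sys_read", "sys_write", "sys_open", "do_filp_open", "vfs_read"}

# Constructed set of all kernel functions under consideration; everything not in
# POPULAR_PATHS counts as a less-used path.
ALL_PATHS = POPULAR_PATHS | {"sys_vmsplice", "sys_futex", "sys_recvmmsg", "tty_ioctl"}

# Constructed bug reports: (bug id, kernel function in which the bug was found).
BUGS = [
    ("bug-1", "sys_vmsplice"),
    ("bug-2", "sys_futex"),
    ("bug-3", "vfs_read"),
    ("bug-4", "sys_recvmmsg"),
]


def bug_density(bugs, popular, all_paths):
    """Bugs per kernel function in the popular and in the less-used paths.

    Returns (popular_density, unpopular_density); a much smaller first value
    is the correlation the metric rests on.
    """
    counts = Counter(func for _, func in bugs)
    unpopular = all_paths - popular
    pop_bugs = sum(counts[f] for f in popular)
    unpop_bugs = sum(counts[f] for f in unpopular)
    return pop_bugs / len(popular), unpop_bugs / len(unpopular)


def lock_trace(trace, popular):
    """Apply the lock: split the kernel functions an application tries to reach
    into (allowed, denied). Anything outside the popular paths is denied."""
    allowed = [f for f in trace if f in popular]
    denied = [f for f in trace if f not in popular]
    return allowed, denied


def bugs_reachable(trace, bugs, popular):
    """Bug ids whose function is still reachable once the lock is applied."""
    reached = set(lock_trace(trace, popular)[0])
    return sorted(bug_id for bug_id, func in bugs if func in reached)


if __name__ == "__main__":
    trace = ["sys_open", "sys_read", "sys_vmsplice", "sys_futex"]
    print("density (popular, less-used):", bug_density(BUGS, POPULAR_PATHS, ALL_PATHS))
    print("lock:", lock_trace(trace, POPULAR_PATHS), "reachable:", bugs_reachable(trace, BUGS, POPULAR_PATHS))
```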