Efficient Kernel Partitioning

Lead Research Organisation: University of Bristol
Department Name: Computer Science

Abstract

The operating system (OS) kernel forms the foundation of a system, and is often assumed to be the trusted computing base (TCB) for many higher level security mechanisms. Unfortunately, there have been attacks on OS kernel that compromise the security of the entire system. In the case of monolithic kernels, its lack of isolation results in a flat and wide attack surface, hence making it an attractive attack target. Attack surface reduction is one of the promising techniques for mitigating such attacks. In this work, we aim to harden the security of monolithic kernels by reducing its attack surface via kernel partitioning. Our goal is to implement a practical kernel partitioning technique that has reasonably low overhead. The research aims at investigating kernel partitioning techniques by leveraging the recent developments in hardware to strike a balance between overhead and accuracy/precision.

Publications

10 25 50

Studentship Projects

Project Reference Relationship Related To Start End Student Name
EP/S022465/1 01/04/2019 30/09/2027
2280645 Studentship EP/S022465/1 23/09/2019 21/09/2023 Soo Yee Lim