Computing platforms and operating systems (OS) continue to evolve to meet the demands placed on them by the increasing number of new hardware devices and sophisticated software applications. As a result, OS kernels, the central components of most operating systems responsible for managing system resources, have become more complex over time.
Kernel code sizes have grown to millions of lines, with some operating systems such as Windows XP now containing upwards of 40 million lines of kernel code. Any compromise to OS kernel code could have potentially devastating effects on the overall integrity of a computer system.
In response to the growing threat posed to OS kernels and computing systems from malware attacks such as code modification and code injection, CyLab researcher Adrian Perrig has developed SecVisor, a tiny hypervisor designed to ensure that only approved kernel code is executable. SecVisor provides lifetime kernel protection regardless of the scale of an attack and the extent to which system control is compromised.
Further, SecVisor’s small code size makes it ideal for use with existing legacy OS kernels, without requiring large-scale design changes. While many other approaches to OS security simply detect and mitigate kernel attacks, Adrian Perrig and CyLab are taking a new approach to the problem with SecVisor by seeking to prevent attacks altogether.