Hardware, software advances help protect operating systems from attack

Jan 26, 2011

The operating system (OS) is the backbone of your computer. If the OS is compromised, attackers can take over your computer – or crash it. Now researchers at North Carolina State University have developed an efficient system that utilizes hardware and software to restore an OS if it is attacked.

At issue are security in which an outside party successfully compromises one computer application (such as a Web browser) and then uses that application to gain access to the OS. For example, the compromised application could submit a "system call" to the OS, effectively asking the OS to perform a specific function. However, instead of a routine function, the attacker would use the system call to attempt to gain control of the OS.

"Our goal is to give the OS the ability to survive such attacks," says Dr. Yan Solihin, an associate professor of electrical and computer engineering at NC State and co-author of a paper describing the new system. "Our approach has three components: attack detection; security fault isolation; and recovery."

The concept is to take a snapshot of the OS at strategic points in time (such as system calls or interrupts), when it is functioning normally and then, if the OS is attacked, to erase everything that was done since the last "good" snapshot was taken – effectively going back in time to before the OS attack. The mechanism also allows the OS to identify the source of the attack and isolate it, so that the OS will no longer be vulnerable to attacks from that application.

The idea of detecting attacks and re-setting a system to a safe state is a well-known technique for restoring a system's normal functions after a failure, but this is the first time researchers have developed a system that also incorporates the security fault isolation component. This critical component prevents the OS from succumbing to the same attack repeatedly.

The concept of taking snapshots of the OS and using it to replace the OS if it is compromised was previously viewed as impractical, since taking these snapshots and running such a system significantly slowed operating speeds. "But we've developed hardware support that allows the OS to incorporate these survivability components more efficiently, so that they take up less time and energy," Solihin says. The researchers say the survival system takes up less than 5 percent of the OS's operating overhead.

Explore further: Team infuses science into 'Minecraft' modification

More information: The paper, "Architectural Framework for Supporting Operating System Survivability," was co-authored by Solihin and former NC State Ph.D. student Xiaowei Jiang. The paper will be presented Feb. 16 at the IEEE International Symposium on High-Performance Computer Architecture in San Antonio, Texas.

add to favorites email to friend print save as pdf

Related Stories

Battling Botnets With An Awesome OS

Apr 09, 2010

(PhysOrg.com) -- Despite security software, patches and updates, your computer remains threatened by attack and takeover from hackers and cyber-criminals who will turn your PC into their networked robot -- or "bot" -- creating ...

Will Google resurrect the smartbook?

Nov 03, 2010

(PhysOrg.com) -- The idea of a smartbook has been tantalizing, but first generation attempts have fallen prey to their own immaturity. Now, though, there is a chance that Google could resurrect the smartbook ...

Recommended for you

Microsoft beefs up security protection in Windows 10

3 hours ago

What Microsoft users in business care deeply about—-a system architecture that supports efforts to get their work done efficiently; a work-centric menu to quickly access projects rather than weather readings ...

Team infuses science into 'Minecraft' modification

22 hours ago

The 3-D world of the popular "Minecraft" video game just became more entertaining, perilous and educational, thanks to a comprehensive code modification kit, "Polycraft World," created by University of Texas at Dallas professors, ...

Microsoft's Garage becomes an incubator of consumer apps

Oct 24, 2014

For five years now, The Garage has served as Microsoft's incubator for employees' passion projects, an internal community of engineers, designers, hardware tinkerers and others from all different parts of the company who ...

Students win challenge for real-time traffic app

Oct 24, 2014

Three University of Texas at Arlington Computer Science and Engineering students have won a $10,000 prize in the NTx Apps Challenge for a smart traffic light network that adjusts traffic light schedules to ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

unknownorgin
not rated yet Jan 31, 2011
When an operating system allows programs to run from an outside source it is just like leaving the keys in your car. The problem with the current internet/computer system is that anybody anywhere can control it.