2 research outputs found
Rescuing the End-user systems from Vulnerable Applications using Virtualization Techniques
In systems owned by normal end-users, many times security attacks are mounted
by sneaking in malicious applications or exploiting existing software
vulnerabilities through security non-conforming actions of users.
Virtualization approaches can address this problem by providing a quarantine
environment for applications, malicious devices, and device drivers, which are
mostly used as entry points for security attacks. However, the existing methods
to provide quarantine environments using virtualization are not transparent to
the user, both in terms of application interface transparency and file system
transparency. Further, software configuration level solutions like remote
desktops and remote application access mechanisms combined with shared file
systems do not meet the user transparency and security requirements. We propose
qOS, a VM-based solution combined with certain OS extensions to meet the
security requirements of end-point systems owned by normal users, in a
transparent and efficient manner. We demonstrate the efficacy of qOS by
empirically evaluating the prototype implementation in the Linux+KVM system in
terms of efficiency, security, and user transparency.Comment: 14 pages, 9 figure