@inproceedings{f5ff3774b54d4dcf875e99fc0caca246,
title = "LeMo: Protecting kernel with least privilege modules",
abstract = "The Linux kernel is the monolithic kernel, and the boundaries among the objects in the kernel are not particularly clear. Once the malicious module is loaded in the kernel, it can almost access the entire kernel. This breaks the principle of least privilege. To overcome it, in this paper, we propose LeMo which is the novel architecture to hold the module with least privilege in the kernel. In LeMo, the modules are restricted to access the necessary kernel objects. To the end, before the module is loaded in the kernel, the patched kernel build a new page table for the module. With page-based access control, the patched kernel is capable of preventing the malicious modules to arbitrarily access the kernel. We have implemented the prototype of LeMo which provide the tools which load or unload the module. Our evaluation show that LeMo is able to defeat the malicious module with a acceptable performance overhead.",
keywords = "Access control, Loadable module, Page table, Privilege",
author = "Hongwei Zhou and Jinhui Yuan and Kai Zhang and Xuhua Zhu",
note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 3rd IEEE Information Technology, Networking, Electronic and Automation Control Conference, ITNEC 2019 ; Conference date: 15-03-2019 Through 17-03-2019",
year = "2019",
month = mar,
doi = "10.1109/ITNEC.2019.8729327",
language = "英语",
series = "Proceedings of 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference, ITNEC 2019",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "349--353",
editor = "Bing Xu",
booktitle = "Proceedings of 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference, ITNEC 2019",
address = "美国",
}