DriverGuard: A fine-grained protection on I/O flow

Most commodity peripheral devices and their drivers are geared to achieve high performance with security functions being opted out. The absence of security measures invites attacks on the I/O data and consequently threats those applications feeding on them, such as biometric authentication. In this...

Full description

Saved in:
Bibliographic Details
Main Authors: CHENG, Yueqiang, DING, Xuhua, DENG, Robert H.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2011
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/1418
https://ink.library.smu.edu.sg/context/sis_research/article/2417/viewcontent/Cheng2011_Chapter_DriverGuardAFine_Grained_pv.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-2417
record_format dspace
spelling sg-smu-ink.sis_research-24172022-02-18T01:29:50Z DriverGuard: A fine-grained protection on I/O flow CHENG, Yueqiang DING, Xuhua DENG, Robert H. Most commodity peripheral devices and their drivers are geared to achieve high performance with security functions being opted out. The absence of security measures invites attacks on the I/O data and consequently threats those applications feeding on them, such as biometric authentication. In this paper, we present the design and implementation of DriverGuard, a hypervisor based protection mechanism which dynamically shields I/O flows such that I/O data are not exposed to the malicious kernel. Our design leverages a composite of cryptographic and virtualization techniques to achieve fine-grained protection. DriverGuard is lightweight as it only needs to protect around 2% of the driver code’s execution. We have tested DriverGuard with three input devices and two output devices. The experiments show that DriverGuard induces negligible overhead to the applications. 2011-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/1418 info:doi/10.1007/978-3-642-23822-2_13 https://ink.library.smu.edu.sg/context/sis_research/article/2417/viewcontent/Cheng2011_Chapter_DriverGuardAFine_Grained_pv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Information Security
spellingShingle Information Security
CHENG, Yueqiang
DING, Xuhua
DENG, Robert H.
DriverGuard: A fine-grained protection on I/O flow
description Most commodity peripheral devices and their drivers are geared to achieve high performance with security functions being opted out. The absence of security measures invites attacks on the I/O data and consequently threats those applications feeding on them, such as biometric authentication. In this paper, we present the design and implementation of DriverGuard, a hypervisor based protection mechanism which dynamically shields I/O flows such that I/O data are not exposed to the malicious kernel. Our design leverages a composite of cryptographic and virtualization techniques to achieve fine-grained protection. DriverGuard is lightweight as it only needs to protect around 2% of the driver code’s execution. We have tested DriverGuard with three input devices and two output devices. The experiments show that DriverGuard induces negligible overhead to the applications.
format text
author CHENG, Yueqiang
DING, Xuhua
DENG, Robert H.
author_facet CHENG, Yueqiang
DING, Xuhua
DENG, Robert H.
author_sort CHENG, Yueqiang
title DriverGuard: A fine-grained protection on I/O flow
title_short DriverGuard: A fine-grained protection on I/O flow
title_full DriverGuard: A fine-grained protection on I/O flow
title_fullStr DriverGuard: A fine-grained protection on I/O flow
title_full_unstemmed DriverGuard: A fine-grained protection on I/O flow
title_sort driverguard: a fine-grained protection on i/o flow
publisher Institutional Knowledge at Singapore Management University
publishDate 2011
url https://ink.library.smu.edu.sg/sis_research/1418
https://ink.library.smu.edu.sg/context/sis_research/article/2417/viewcontent/Cheng2011_Chapter_DriverGuardAFine_Grained_pv.pdf
_version_ 1770571114795237376