KASLR-MT : kernel address space layout randomization for multi-tenant cloud systems
- Submitting institution
-
University of the West of Scotland
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 12604673
- Type
- D - Journal article
- DOI
-
10.1016/j.jpdc.2019.11.008
- Title of journal
- Journal of Parallel and Distributed Computing
- Article number
- -
- First page
- 77
- Volume
- 137
- Issue
- -
- ISSN
- 0743-7315
- Open access status
- Compliant
- Month of publication
- November
- Year of publication
- 2019
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
1
- Research group(s)
-
-
- Citation count
- 2
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This paper reveals why the most widely and effective technique used to mitigate attacks at kernel level, KASLR, fails to provide protection and shareability at the same time in cloud systems. We propose a new technique, KASLR-MT, the first effective and practical Kernel ASLR memory protection for cloud computing that maximizes the memory deduplication savings rate while providing a strong security. The proposed system has been implemented in the Kernel-based Virtual Machine (KVM) showing that it is not intrusive and highly scalable.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -