skip to main content
10.1145/3473714.3473727acmotherconferencesArticle/Chapter ViewAbstractPublication PagesiccirConference Proceedingsconference-collections
research-article

Research on Operating System Kernel Security Based on Mandatory Behavior Control Mechanism (MBC)

Published: 13 August 2021 Publication History

Abstract

The current operating system security is mainly achieved by controlling the access to the operating system, which cannot effectively ensure the kernel security and leads to a large amount of data redundancy in the system kernel due to the need to review and other judgments on all access operations in turn. To address these problems, we study the kernel security of operating systems based on the mandatory behavior control mechanism (MBC). Partition management of the kernel is achieved by partitioning the system kernel for isolation and setting inter-partition communication. The kernel functions are divided into three parts: security detection, storage management, and read management, to facilitate modular kernel management. After building the framework of the control The comparative experimental data show that the OS kernel data redundancy ratio is less than 13% and has good security when applying this OS security scheme.

References

[1]
Kuo H C, Chen J, Mohan S, et al. Set the Configuration for the Heart of the OS: On the Practicality of Operating System Kernel Debloating[J]. Proceedings of the ACM on Measurement and Analysis of Computing Systems, 2020, 4(1):1--27.
[2]
Jun C, Wei L, XiaoL L, et al. Research on Microkernel-based Power Dedicated Secure Operating System[J]. 2019, 91(10): 1127--1136.
[3]
Donghai Tian, Rui Ma, Xiaoqi Jia, et al. KEcruiser: A novel control flow protection for kernel extensions[J]. Future Generation Computer Systems, 2019, 100: 1--9.
[4]
MeiLing Chiang, WeiLun Su, ShuWei Tu, et al. Memory - aware kernel mechanism and policies for improving internode load balancing on NUMA systems[J]. Software: Practice and Experience, 2019, 49(10): 1485--1508.
[5]
Yauhen Klimiankou. Design and Implementation of Port-Mapped IO Management Subsystem and Kernel Interface for True Microkernels on IA-32 Processors[J]. Programming and Computer Software, 2019, 45(6): 319--323.
[6]
Woo Y, Kim S, Kim C, et al. Catnap: A Backoff Scheme for Kernel Spinlocks in Many-Core Systems[J]. IEEE Access, 2020, PP(99):1.
[7]
Septiasari Rycka, Restu Pramadi Yogha. A study on windows-based ransomware implications on linux operating system using compatibility layer wine based on dynamic analysis[J]. IOP Conference Series: Materials Science and Engineering, 2020, 1007(1): 012120.
[8]
Janaina Antonino Pinto, Prashant Kumar, Marcelo Félix Alonso, et al. Kriging method application and traffic behavior profiles from local radar network database: A proposal to support traffic solutions and air pollution control strategies[J]. Sustainable Cities and Society, 2020, 56:102062.
[9]
Konstantina Michalopoulou. Mandatory Corporate Governance Rules and Auditor Behavior: The Case of Greece[J]. The International Journal of Accounting, 2019, 54(04): 43.
[10]
Jinghui Yuan, Mohamed Abdel-Aty, Qing Cai, et al. Investigating drivers' mandatory lane change behavior on the weaving section of freeway with managed lanes: A driving simulator study[J]. Transportation Research Part F: Psychology and Behaviour, 2019, 62: 11--32.
[11]
Building certified concurrent OS kernels[J]. Communications of the ACM, 2019, 62(10):89--99.
[12]
Maxime Compastié, Rmi Badonnel, Olivier Festor, et al. From virtualization security issues to cloud protection opportunities: An in-depth analysis of system virtualization models[J]. Computers & Security, 2020, 97:101905.
[13]
Kapil Netaji Vhatkar, Girish P. Bhole. Improved rider optimization for optimal container resource allocation in cloud with security assurance[J]. International Journal of Pervasive Computing and Communications, 2020, 16(3): 235--258.
[14]
Kerem Kucuk, Dawson Msongaleli, Orhan Akbulut, et al. Self-adaptive medium access control protocol for aggregated VLC--RF wireless networks[J]. Optics Communications, 2021, 488(6): 126837
[15]
Wang P, Zhou X, Lu K. Sabotaging the system boundary: A study of the inter-boundary vulnerability[J]. Journal of Information Security and Applications, 2020, 54(1):102496.
[16]
H Kuzuno, Yamauchi T. MKM: Multiple Kernel Memory for Protecting Page Table Switching Mechanism Against Memory Corruption[J]. 2020, 12231:97--116.
[17]
Bera Basudeb, Das Ashok Kumar, Sutrala Anil Kumar. Private blockchain-based access control mechanism for unauthorized UAV detection and mitigation in Internet of Drones environment[J]. Computer Communications, 2021, 166: 91--109.
[18]
Kai Lei, Junjie Fang, Qichao Zhang, et al. Blockchain-Based Cache Poisoning Security Protection and Privacy-Aware Access Control in NDN Vehicular Edge Computing Networks[J]. Journal of Grid Computing, 2020, 18(6): 1--21.
[19]
Shafiq Muhammad, Singh Pankaj, Ashraf Imran, et al. Ranked Sense Multiple Access Control Protocol for Multichannel Cognitive Radio-Based IoT Networks.[J]. Sensors (Basel, Switzerland), 2019, 19(7):1703.
[20]
Kayes A S M, Han Jun, Rahayu Wenny, et al. A Policy Model and Framework for Context-Aware Access Control to Information Resources[J]. The Computer Journal, 2019, 62(5): 670--705.

Cited By

View all
  • (2023)A Systematic Literature Review on Operating System Security: Distribution and Issues2023 3rd International Conference on Electronic and Electrical Engineering and Intelligent System (ICE3IS)10.1109/ICE3IS59323.2023.10335475(70-75)Online publication date: 9-Aug-2023

Index Terms

  1. Research on Operating System Kernel Security Based on Mandatory Behavior Control Mechanism (MBC)

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    ICCIR '21: Proceedings of the 2021 1st International Conference on Control and Intelligent Robotics
    June 2021
    807 pages
    ISBN:9781450390231
    DOI:10.1145/3473714
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    In-Cooperation

    • Chongqing Univ.: Chongqing University

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 13 August 2021

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. kernel security
    2. mandatory behavior control mechanism
    3. operating system
    4. trustworthiness metrics

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ICCIR 2021

    Acceptance Rates

    ICCIR '21 Paper Acceptance Rate 131 of 239 submissions, 55%;
    Overall Acceptance Rate 131 of 239 submissions, 55%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)33
    • Downloads (Last 6 weeks)4
    Reflects downloads up to 16 Jan 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2023)A Systematic Literature Review on Operating System Security: Distribution and Issues2023 3rd International Conference on Electronic and Electrical Engineering and Intelligent System (ICE3IS)10.1109/ICE3IS59323.2023.10335475(70-75)Online publication date: 9-Aug-2023

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media