3-prong approach to protect your OS from attacks
By ANIThursday, January 27, 2011
WASHINGTON - Experts at North Carolina State University have devised a new three-pronged approach to restore an OS if it is attacked.
“Our approach has three components: attack detection; security fault isolation; and recovery,” said Dr. Yan Solihin.
The idea is to take a snapshot of the OS when it is functioning normally and then, if the OS is attacked, to erase everything that was done since the last “good” snapshot was taken.
The mechanism also allows the OS to identify the source of the attack and isolate it, so that the OS will no longer be vulnerable to attacks from that application.
However, this approach was considered impractical because taking these snapshots and running such a system significantly slowed operating speeds.
“But we’ve developed hardware support that allows the OS to incorporate these survivability components more efficiently, so that they take up less time and energy,” Solihin said.
The researchers say the survival system takes up less than 5 percent of the OS’s operating overhead.
The paper will be presented Feb. 16 at the IEEE International Symposium on High-Performance Computer Architecture in San Antonio, Texas. (ANI)