An enclave assisted snapshot-based kernel integrity monitor

MOBISYS(2020)

Abstract

The integrity of operating system (OS) kernels is of paramount importance in order to ensure the secure operation of user-level processes and services as well as the benign behavior of the entire system. Attackers aim to exploit a system's kernel since compromising it provides more flexibility for malicious operations compared to compromising a user-level process. Acquiring access to the OS kernel enables malicious parties to manipulate process execution, control the file system and the peripheral devices, and obtain security- and privacy-critical data. One of the most effective countermeasures against rootkits is the kernel integrity monitor, implemented in software (often assisted by a hypervisor) or in external hardware, which aims to detect threats by scanning the kernel's state. However, modern rootkits are able to hide their presence and prevent detection by such mechanisms, either by identifying and disabling the monitors or by performing transient attacks. In this paper we present SGX-Mon, an external kernel integrity monitor that verifies the operating system's kernel integrity using a very small TCB while requiring neither OS modifications nor external hardware. SGX-Mon is a snapshot-based monitor residing in user space; it utilizes the trusted execution environment offered by Intel SGX enclaves in order to avoid detection by rootkits and to prevent attackers from tampering with its execution and its operation-critical data. Our system is able to perform scanning, analysis and verification of arbitrary kernel memory pages and memory regions and to ensure their integrity. The monitored locations can be specified by the user and can contain critical kernel code and data. SGX-Mon scans the system periodically and compares the contents of critical memory regions against their known benign values. Our experimental results show that SGX-Mon is able to achieve 100% accuracy while scanning up to 6,000 distinct kernel memory locations.
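The abstract describes the core mechanism of a snapshot-based monitor: the user names critical kernel regions, the monitor records their known-benign state, and each periodic scan compares the current contents against that reference. The following Python block is an added illustration of that loop and is not SGX-Mon's code; it stands in a constructed flat bytearray for kernel memory, uses made-up region names and offsets, and keeps SHA-256 digests (rather than copies) as the reference state. It also shows the transient-attack limitation the abstract mentions: a modification that is undone between two snapshots is only caught if a snapshot falls inside the window, so scan cadence is a defender's tuning knob.

```python
import hashlib
from dataclasses import dataclass

# Constructed stand-in for the physical memory a monitor would read: a flat
# 16 KiB bytearray with a deterministic fill. All offsets below are made up.
def fresh_memory() -> bytearray:
    return bytearray(bytes(range(256)) * 64)


@dataclass(frozen=True)
class Region:
    name: str
    offset: int
    length: int


# Hypothetical user-specified regions (names and offsets are constructed,
# not real kernel addresses).
MONITORED_REGIONS = (
    Region("sys_call_table", 0x1000, 0x400),
    Region("kernel_text_excerpt", 0x2000, 0x800),
    Region("idt", 0x3000, 0x100),
)


def region_digest(memory: bytearray, region: Region) -> str:
    """SHA-256 over one region. Storing digests instead of full copies keeps
    the reference state small, which is what lets the monitor have a small TCB."""
    chunk = memory[region.offset:region.offset + region.length]
    return hashlib.sha256(bytes(chunk)).hexdigest()


def take_baseline(memory: bytearray, regions) -> dict:
    """Record the known-benign digest of every region. This is the monitor's
    operation-critical data; in an enclave-based design it is what must be
    kept out of the attacker's reach."""
    return {r.name: region_digest(memory, r) for r in regions}


def scan(memory: bytearray, regions, baseline: dict) -> list:
    """One snapshot: return the names of regions whose contents deviate
    from the recorded baseline."""
    return [r.name for r in regions if region_digest(memory, r) != baseline[r.name]]


def simulate_persistent_modification() -> list:
    """A change that stays in memory is caught by the next snapshot."""
    mem = fresh_memory()
    baseline = take_baseline(mem, MONITORED_REGIONS)
    mem[0x1008:0x1010] = b"\xff" * 8          # constructed: one table slot overwritten
    return scan(mem, MONITORED_REGIONS, baseline)


def simulate_transient_modification(scan_during_window: bool) -> list:
    """A change that is undone before the next snapshot is missed unless a
    snapshot happens to fall inside the window."""
    mem = fresh_memory()
    baseline = take_baseline(mem, MONITORED_REGIONS)
    saved = bytes(mem[0x1008:0x1010])
    mem[0x1008:0x1010] = b"\xff" * 8          # constructed transient change ...
    findings = scan(mem, MONITORED_REGIONS, baseline) if scan_during_window else None
    mem[0x1008:0x1010] = saved                # ... restored before the periodic scan
    if findings is None:
        findings = scan(mem, MONITORED_REGIONS, baseline)
    return findings


if __name__ == "__main__":
    print("persistent change:", simulate_persistent_modification())
    print("transient change, scanned after restore:", simulate_transient_modification(False))
    print("transient change, scanned inside window:", simulate_transient_modification(True))
```

The two simulation functions return the list of flagged region names, so the persistent case reports `sys_call_table` while the transient case reports nothing unless a snapshot lands inside the modification window. In a real deployment the digest table and the comparison would run inside the enclave, and the monitored regions would be read from the kernel's physical pages rather than from a local buffer.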
Keywords
Intel SGX, Linux kernel, integrity monitor, secure enclaves