The Community for Technology Leaders
2015 International Conference on Computing, Networking and Communications (ICNC) (2015)
Garden Grove, CA, USA
Feb. 16, 2015 to Feb. 19, 2015
ISBN: 978-1-4799-6959-3
pp: 685-689
Zili Zha , Department of Computer Science, Virginia Commonwealth University
Min Li , Department of Computer Science, Virginia Commonwealth University
Wanyu Zang , Department of Computer Science, Virginia Commonwealth University
Meng Yu , Department of Computer Science, Virginia Commonwealth University
Songqing Chen , Department of Computer Science, George Mason University
ABSTRACT
The security of user applications largely relies on the proper execution of the underlying operating system. However, existing commodity OSes are inevitably vulnerable due to their enormous code base containing a whole bunch of bugs that can be easily exploited by attackers. In such situations, a proper way of protecting users' data privacy and integrity at runtime is a paramount task that needs efficient solutions. While quite some efforts, such as Overshadow, SP3, InkTag, and AppShield, have been made to deal with this problem, existing solutions either induce non-trivial performance overhead, or demand modifications to the OS, applications, or the underlying hardware architecture. In this paper, we present AppGuard that can efficiently and feasibly protect user applications even on a compromised OS. AppGuard utilizes the hardware virtualization extensions to achieve such a goal. Compared to the existing solutions, AppGuard does not require any modifications to the application or the OS. Our evaluation results demonstrate that AppGuard can provide effective protection to user applications with much lower performance overhead.
INDEX TERMS
Decision support systems, Handheld computers, Conferences, Context
CITATION

Z. Zha, M. Li, W. Zang, M. Yu and S. Chen, "AppGuard: A hardware virtualization based approach on protecting user applications from untrusted commodity operating system," 2015 International Conference on Computing, Networking and Communications (ICNC), Garden Grove, CA, USA, 2015, pp. 685-689.
doi:10.1109/ICCNC.2015.7069428
88 ms
(Ver 3.3 (11022016))