Self-modifying Kernel Code Verification

Abstract: As we know, injecting malicious codes is a simple and effective way to add attack logic with the same privileges as the injection targets. Because of OS kernel vulnerabilities, the kernels face code injection threats. Considering the importance of kernels, researchers proposed some kernel code protection solutions. But almost all of them depend on an assumption that the kernels don't modify the codes of themselves. However, the self-modifying codes do exist widely in the kernels. It impedes the application of … Show more