Rescuing the End-user systems from Vulnerable Applications using Virtualization Techniques

TL;DR

This paper introduces qOS, a virtualization-based system designed to enhance security for end-user devices by providing transparent quarantine environments for applications and malicious entities, addressing limitations of existing methods.

Contribution

The paper presents qOS, a novel VM-based solution with OS extensions that improves security and transparency for end-user systems compared to prior virtualization approaches.

Findings

qOS effectively isolates malicious applications and devices.

The prototype demonstrates high efficiency and user transparency.

Security improvements are validated through empirical evaluation.

Abstract

In systems owned by normal end-users, many times security attacks are mounted by sneaking in malicious applications or exploiting existing software vulnerabilities through security non-conforming actions of users. Virtualization approaches can address this problem by providing a quarantine environment for applications, malicious devices, and device drivers, which are mostly used as entry points for security attacks. However, the existing methods to provide quarantine environments using virtualization are not transparent to the user, both in terms of application interface transparency and file system transparency. Further, software configuration level solutions like remote desktops and remote application access mechanisms combined with shared file systems do not meet the user transparency and security requirements. We propose qOS, a VM-based solution combined with certain OS extensions to meet the security requirements of end-point systems owned by normal users, in a transparent and efficient manner. We demonstrate the efficacy of qOS by empirically evaluating the prototype implementation in the Linux+KVM system in terms of efficiency, security, and user transparency.