English
Related papers

Related papers: Runtime Verification of Linux Kernel Security Modu…

200 papers

This paper presents results from the development and evaluation of a deductive verification benchmark consisting of 26 unmodified Linux kernel library functions implementing conventional memory and string operations. The formal contract of…

Software Engineering · Computer Science 2018-11-15 Denis Efremov , Mikhail Mandrykin , Alexey Khoroshilov

Interactive theorem proving software is typically designed around a trusted proof-checking kernel, the sole system component capable of authenticating theorems. Untrusted automation procedures reside outside of the kernel, and drive it to…

Cryptography and Security · Computer Science 2022-05-09 Dominic P. Mulligan , Nick Spinale

Protected user-level libraries have been proposed as a way to allow mutually distrusting applications to safely share kernel-bypass services. In this paper, we identify and solve several previously unaddressed obstacles to realizing this…

Operating Systems · Computer Science 2025-09-04 Alan Beadle , Michael L. Scott , John Criswell

The Trusted Platform Module (TPM) is a cryptoprocessor designed to protect integrity and security of modern computers. Communications with the TPM go through the TPM Software Stack (TSS), a popular implementation of which is the open-source…

Software Engineering · Computer Science 2023-10-30 Yani Ziani , Nikolai Kosmatov , Frédéric Loulergue , Daniel Gracia Pérez , Téo Bernier

Malicious attacks on open-source software packages are a growing concern. The discovery of the XZ Utils backdoor intensified these concerns because of the potential widespread impact. This study, therefore, explores the challenges of…

Cryptography and Security · Computer Science 2025-07-22 Duc-Ly Vu , Trevor Dunlap , Karla Obermeier-Velazquez , Thanh-Cong Nguyen , Paul Gibert , John Speed Meyers , Santiago Torres-Arias

The application layer of Bluetooth Low Energy (BLE) is a growing source of security vulnerabilities, as developers often neglect to implement critical protections such as encryption, authentication, and freshness. While formal verification…

Cryptography and Security · Computer Science 2025-09-12 Biwei Yan , Yue Zhang , Minghui Xu , Runyu Pan , Jinku Li , Xiuzhen Cheng

Compliance as code is an emerging idea about automating compliance through programmed compliance controls and checks. Given scant existing research thus far, the paper presents an empirical analysis of a compliance as code project…

Software Engineering · Computer Science 2026-03-03 Jukka Ruohonen , Esmot Ara Tuli , Hiraku Morita

The Linux kernel source code contains numerous constant values that critically influence system performance. Many of these constants, which we term perf-consts, are magic numbers that encode brittle assumptions about hardware and workloads.…

Operating Systems · Computer Science 2025-12-16 Zhongjie Chen , Wentao Zhang , Yulong Tang , Ran Shu , Fengyuan Ren , Tianyin Xu , Jing Liu

Linux Seccomp is widely used by the program developers and the system maintainers to secure the operating systems, which can block unused syscalls for different applications and containers to shrink the attack surface of the operating…

Cryptography and Security · Computer Science 2025-10-07 Dongyang Zhan , Zhaofeng Yu , Xiangzhan Yu , Hongli Zhang , Lin Ye

Linux kernel is a huge code base with enormous number of subsystems and possible configuration options that results in unmanageable complexity of elaborating an efficient configuration. Machine Learning (ML) is approach/area of learning…

Machine Learning · Computer Science 2026-03-03 Viacheslav Dubeyko

False-positive bug reports represent a significant yet underexplored challenge in the development and maintenance of the Linux kernel. They occur when correct system behavior is mistakenly flagged as a defect, consuming developer effort…

Software Engineering · Computer Science 2026-05-11 Jiashuo Tian , Dong Wang , Chen Yang , Haichi Wang , Zan Wang , Junjie Chen

As cyber threats continue to evolve and diversify, it has become increasingly challenging to identify the root causes of security breaches that occur between periodic security assessments. This paper explores the fundamental importance of…

Cryptography and Security · Computer Science 2024-12-24 Prakhar Paliwal , Arjun Sable , Manjesh K. Hanawal

Highly configurable systems are highly complex systems, with the Linux kernel arguably being one of the most well-known ones. Since 2007, it has been a frequent target of the research community, conducting empirical studies and building…

Software Engineering · Computer Science 2021-01-01 Patrick Franz , Thorsten Berger , Ibrahim Fayaz , Sarah Nadi , Evgeny Groshev

Operating systems rely on system calls to allow the controlled communication of isolated processes with the kernel and other processes. Every system call includes a processor mode switch from the unprivileged user mode to the privileged…

Cryptography and Security · Computer Science 2022-02-01 Luis Gerhorst , Benedict Herzog , Stefan Reif , Wolfgang Schröder-Preikschat , Timo Hönig

This paper presents Flashmon version 2, a tool for monitoring embedded Linux NAND flash memory I/O requests. It is designed for embedded boards based devices containing raw flash chips. Flashmon is a kernel module and stands for "flash…

Operating Systems · Computer Science 2013-09-09 Pierre Olivier , Jalil Boukhobza , Eric Senn

Kernel task scheduling is important for application performance, adaptability to new hardware, and complex user requirements. However, developing, testing, and debugging new scheduling algorithms in Linux, the most widely used cloud…

Operating Systems · Computer Science 2023-06-28 Samantha Miller , Anirudh Kumar , Tanay Vakharia , Tom Anderson , Ang Chen , Danyang Zhuo

There is increasing interest in using Linux in the real-time domain due to the emergence of cloud and edge computing, the need to decrease costs, and the growing number of complex functional and non-functional requirements of real-time…

Operating Systems · Computer Science 2023-07-28 Gautam Gala , Isser Kadusale , Gerhard Fohler

eBPF is a technology that allows developers to safely extend kernel functionality without modifying kernel source code or developing loadable kernel modules. Since the kernel governs critical system operations and enforces isolation…

Programming Languages · Computer Science 2025-07-15 Swarn Priya , Frédéric Besson , Connor Sughrue , Tim Steenvoorden , Jamie Fulford , Freek Verbeek , Binoy Ravindran

The Linux shell is a command-line interpreter that provides users with a command interface to the operating system, allowing them to perform a variety of functions. Although very useful in building capabilities at the edge, the Linux shell…

In this paper, we present the results of using bags of system calls for learning the behavior of Linux containers for use in anomaly-detection based intrusion detection system. By using system calls of the containers monitored from the host…

Cryptography and Security · Computer Science 2017-01-05 Amr S. Abed , T. Charles Clancy , David S. Levy