Cherub: Fine-grained application protection with on-demand virtualization

Cherub is an on-demand virtualization mechanism aiming to provide fine-grained application protection in untrusted environments. By leveraging late launch technology, Cherub dynamically inserts a lightweight virtual machine monitor (VMM) under a commodity operating system (OS) when critical pieces of an application code or data are to be processed. The novel design of Cherubwith a double-shadowedpage table extendsVMM level memory protection into application level, such that it can isolate selected memory pages of a target process from the rest and other processes in the same OS environment. With this, Cherub enables fine-grained memory access control and therefore flexible security objectives. Compared to existing approaches, Cherub has the benefits of small code size, lowperformance overhead, no change to existing applications and commodity OS, and selective protection capability within a single application space. We implement Cherub in Linux and our analysis and evaluation demonstrate its effectiveness and practicality. © 2012 Elsevier Ltd. All rights reserved.