The security of user applications largely relies on the proper execution of the underlying operating system. However, existing commodity OSes are inevitably vulnerable due to their enormous code base containing a whole bunch of bugs that can be easily exploited by attackers. In such situations, a proper way of protecting users’ data privacy and integrity at runtime is a paramount task that needs efficient solutions. While quite some efforts, such as Overshadow, SP3, InkTag, and AppShield, have been made to deal with this problem, existing solutions either induce non-trivial performance overhead, or demand modifications to the OS, applications, or the underlying hardware architecture.
In this paper, we present AppGuard that can efficiently and feasibly protect user applications even on a compromised OS. AppGuard utilizes the hardware virtualization extensions to achieve such a goal. Compared to the existing solutions, AppGuard does not require any modifications to the application or the OS. Our evaluation results demonstrate that AppGuard can provide effective protection to user applications with much lower performance overhead.