N
Ning Qu
Researcher at Carnegie Mellon University
Publications - 18
Citations - 1727
Ning Qu is an academic researcher from Carnegie Mellon University. The author has contributed to research in topics: Hypervisor & Linux kernel. The author has an hindex of 11, co-authored 18 publications receiving 1677 citations. Previous affiliations of Ning Qu include Nvidia & Peking University.
Papers
More filters
Proceedings ArticleDOI
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes
TL;DR: A tiny hypervisor that ensures code integrity for commodity OS kernels, SecVisor ensures that only user-approved code can execute in kernel mode over the entire system lifetime, which protects the kernel against code injection attacks, such as kernel rootkits.
Proceedings ArticleDOI
TrustVisor: Efficient TCB Reduction and Attestation
Jonathan M. McCune,Yanlin Li,Ning Qu,Zongwei Zhou,Anupam Datta,Virgil D. Gligor,Adrian Perrig +6 more
TL;DR: TrustVisor is presented, a special-purpose hypervisor that provides code integrity as well as data integrity and secrecy for selected portions of an application that has a very small code base that makes verification feasible.
Patent
Systems and methods for preventing unauthorized modification of an operating system
TL;DR: In this paper, the authors present an operating system comprised of kernel code for controlling access to operation of a processing unit and an enforcement agent executing at a higher privilege than the kernel code such that any changes to kernel code are approved by the enforcement agent prior to execution.
Patent
Methods and Apparatuses for User-Verifiable Trusted Path in the Presence of Malware
TL;DR: An apparatus and method for establishing a trusted path (152) between a user interface (150) and a trusted executable (312) where the trusted path includes a hypervisor (316), and a driver shim (314) is described in this article.
Book ChapterDOI
Lockdown: towards a safe and practical architecture for security applications on commodity platforms
TL;DR: This work investigates a new point in the design space of red/green systems, which provides the user with a highly-protected, yet also highly-constrained trusted ("green") environment for performing security-sensitive transactions, as well as a high-performance, general-purpose environment for all other applications.