THE ROLE OF KERNEL SECURITY MECHANISMS IN PREVENTING ATTACKS AT THE LINUX OPERATING SYSTEM LEVEL

Security is a critically important aspect of modern Linux operating systems, with the kernel playing a central role in its provision. Acting as an intermediary between hardware resources and application software, the kernel controls access to system resources and manages process execution. One of its key functions is to protect the system from various cyber threats and attacks aimed at exploiting vulnerabilities at the operating system level. This paper examines the main security mechanisms implemented in the Linux kernel, including access control (SELinux, AppArmor), address space randomization (ASLR), memory protection (DEP, Stack Guard), and privilege restrictions. It discusses how these mechanisms prevent or mitigate the impact of attacks such as buffer overflows, malicious code injection, and privilege escalation. The effectiveness of these methods and their role in the overall cybersecurity strategy for Linux-based systems are analyzed.
Additionally, the paper highlights current trends and future prospects for the development of kernel security mechanisms, including the integration of hardware security tools and the use of machine learning technologies to detect threats. The importance of timely kernel and system component updates, as well as the active role of users and administrators in maintaining high-security standards, is emphasized. Thus, the article provides a comprehensive overview of how the Linux kernel contributes to preventing attacks at the operating system level and outlines measures that can be taken to enhance security in the future.

1. Mauerer W. Professional Linux Kernel Architecture / W. Mauerer. – Indianapolis: Wrox Press, 2008. – 1368 r. (In English).

2. Love R. Linux Kernel Development / R. Love. – 3rd ed. – Indianapolis: Addison-Wesley Professional, 2010. – 440 r. (In English).

3. Sharma S. Linux Security Architecture / S. Sharma // International Journal of Computer Applications. – 2012. – Vol. 40, № 16. – R. 1-7. (In English).

4. Smalley S. Implementing SELinux as a Linux Security Module / S. Smalley, C. Vance, W. Salamon // NAI Labs Report. – 2001. URL: https://www.nsa.gov/portals/75/documents/resources/everyone/digital-media-center/publications/research-papers/implementing-selinux-aslinux-security-module-report.pdf (data obrashcheniya: 15.10.2023). (In English).

5. Grimes R. Linux Buffer Overflow Attack Explained / R. Grimes // Security Strategies in Linux Platforms and Applications. – Boston: Jones & Bartlett Learning. – 2010. – R. 285-310. (In English).

6. Kurkin A.V. Zashchita operatsionnykh sistem semeistva Linux / A.V. Kurkin. – Moskva: DMK Press, 2015. – 320 s. (In Russian).

7. Vasil'ev A.P. Mekhanizmy bezopasnosti v yadre Linux / A.P. Vasil'ev, B.A. Smirnov // Programmnye produkty i sistemy. – 2017. – № 4. – S. 120-125. (In Russian).

8. Edge J. Asynchronous Vulnerability Notification and Linux Kernel Security / J. Edge // Communications of the ACM. – 2019. – Vol. 62, № 6. – R. 18-20. (In English).

9. Müller T. A Systematic Assessment of the Security of Full Disk Encryption / T. Müller, F.C. Freiling // IEEE Transactions on Dependable and Secure Computing. – 2011. – Vol. 8, № 3. – R. 223-238. (In English).

10. Vasil'ev D.S. Analiz metodov randomizatsii adresnogo prostranstva v Linux / D.S. Vasil'ev// Informatsionnaya bezopasnost'. – 2020. – T. 23, № 2. – S. 45-51. (In Russian).