Endokernel - A Thread Safe Monitor for Lightweight Subprocess Isolation

Learn about a groundbreaking security research presentation from USENIX Security '24 that introduces the Endokernel, an innovative intra-process security monitor designed for subprocess isolation. Explore how this system achieves efficient memory isolation while maintaining thread safety and preventing monitor bypass attempts. Discover the unique inside-out methodology used to identify core OS primitives and their relationship to interface dependencies, leading to enhanced security policies and a sophisticated fine-grained locking approach. Understand how the research team from Rice University, Amazon, Trail of Bits, Intel Labs, Texas A&M University, and Riverside Research developed a solution that balances fast isolation with robust security and backwards compatibility, while introducing a systematic method for identifying policy gaps in subprocess compartmentalization.