D. V. Efremov, A. K. Petrenko, B. A. Pozin, V. A. Semenov, “Overview of hardening mechanisms in operating systems and user applications”, Proceedings of ISP RAS, 2025, Volume 37, Issue 3,Pages <nobr>325

Overview of hardening mechanisms in operating systems and user applications

D. V. Efremov^a, A. K. Petrenko^bca, B. A. Pozin^cda, V. A. Semenov^ea

^a Ivannikov Institute for System Programming of the RAS
^b Lomonosov Moscow State University
^c National Research University Higher School of Economics
^d “EC-leasing” Co.
^e Moscow Institute of Physics and Technology

Abstract: This paper presents a systematic review of hardening mechanisms for operating systems and user applications. Various types of protection mechanisms are discussed, including memory protection mechanisms, hardware stack protection, dynamic memory protection, address space randomization, control flow protection, and system integrity protection. The principles of these mechanisms, their effectiveness, and their impact on system performance are analyzed in detail. Special attention is given to the implementation of protective mechanisms in modern operating systems, particularly in the Linux kernel. This work is intended for information security specialists, operating system developers, and researchers working on information security issues.

Keywords: information security, operating systems, application security, memory protection, integrity control, isolation, security hardening, hardening.

DOI: 10.15514/ISPRAS-2025-37(3)-23